Re: New problem re: my pam question

[Bryan Swann <swann nosc mil>]

I had a similar problem.  I ran the program to convert the system to use
shadow passwords.  I wanted to load the latest anonymous ftp package.  I
had to also load the latest pam stuff.  It seems that when you load the
pwdb RPM, shadow passwords are no longer supported.  I tried running the
pwconv5 program again, but it did fix the problem.

I haven't had the time to further investigate the problem.  Luckily, I was
still logged in when I found the problem.  I simply ran the passwd command
to overwrite the /etc/password shadow entry to a real password.

I'm curious to know how to continue to use shadow passwords.  Is there a
way?  Also, is there an easy way to use better encryption schemes?  Say 
MD5 encryption.  

I am moving the web pages from an existing FreeBSD to Linux.  The password
file for the Web passwords uses MD5 encryption.  I moved the directory
structure, as is.  I found that the password protected areas were still
working.  The config files point to the same password files that used MD5
encryption.  Why do they still work?  Is it because the Apache web server
code understands MD5 encryption or does Linux understand the encryption.
I'm not a programmer, but I assume that support is built into the crypt
function call.  If that is the case, I (someone else) could write a
passwd program to use MD5.  I think the encryption used is based on the
format of the salt that is passed.  So, this should be relatively simple
to do.  Since MD5 is much more difficult to run a password cracker
against, I wonder why it is not currently in use?

 __________________________________________________________________________
| Bryan Swann (swann nosc mil)  803/974-4267   803/974-5080 (Fax)          |
| Eagan McAllister Associates, Inc.                                        |
|                                                                          |
|  "Everything must be working perfectly, cause I don't smell any smoke"   |
 --------------------------------------------------------------------------

On Fri, 11 Jul 1997, Chuck Bearden wrote:

> 
> (RH 4.1)
> 
> I followed Erik Troan's good (and embarrasingly simple) advice about 
> upgrading both pam and pamconfig via rpm, in order to upgrade the Samba 
> package.  I also upgraded pwdb, since I believe that one of the other 
> packages required it.  
> 
> I now can no longer log into that machine, either as root from the 
> console or as myself from anywhere.  My thought is that it must've been 
> the pwdb, which I later learned is still alpha and unsupported (though it 
> seems as though pam required it).  I thought I had grabbed the newest 
> rpms from the updates directories of U of Ok and U of Ark mirrors.  
> 
> Unless someone has hacked me and changed the passwords, it looks like I 
> done meself.  
> 
> How does one go about undoing this kind of thing?  Power down and reboot
> into single-user mode?  Then what? 
> 
> I need to get this fixed today, so thanks for any help.  
> 
> Chuck Bearden
> Network Services Librarian
> Houston Public Library
> cbearden ci houston tx us
> cbearden hpl lib tx us
> 
> 
> --
>   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
>          To unsubscribe: mail redhat-install-list-request redhat com
>                      with "unsubscribe" as the Subject.
> 
>