[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Upgrading old RH server



Kevin Kofler wrote:
> Ashley M. Kirchner wrote:
>>     We have an old RH7.3 server that holds all of our user accounts.
>> I'm in the process of upgrading everything to FC10 and looking at
>> /etc/shadow I'm noticing some differences in the way the passwords are
>> encrypted/stored.
> 
> Different hashing algorithms. (The new one is more secure.)
> 
>>     I tried simply copying the old shadow file to a new FC10 server and
>> it seems to work just fine, however I wonder if I'm not breaking
>> something else by doing that.  So, what's the proper way to do this?  I
>> really don't want to have to reset everyone's password (at least not
>> till they reach their forced expiration.)
> 
> There's no way to convert the passwords automatically as the hashes used are
> not reversible by design (otherwise it would just be cheap obfuscation and
> add no real security).
> 
>         Kevin Kofler
> 
You could always try expiring the password early. Try it with your
own password, and see if changing it converts it to the new hash...
I seam to remember reading something about that working, but I am a
bit hazy about it.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]