/etc/passwd: strange format

I know password shadowing has been in place for some time now, but my ISP seems
to have some unusual system. For a start, there appears to be no /etc/shadow, but there
is an /etc/passwd. However, the contents of this file seem partly shadowed
and partly unshadowed. Can someone suggest 1) what kind of shadowing system
the ISP may be using; 2) what the point is of including some encrypted passwords
and others replaced by *; and 3) why the encrypted passwords seem unusually
long. I'm pasting an extract from the /etc/passwd file below.

Thanks,

David King.


root:3eKdPK59rcSUVTNRiFXqPcV/:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:
daemon:*:2:2:daemon:/sbin:
admn:*:3:4:adm:/var/adm:
lp:*:4:7:lp:/var/spool/lpd:
sync:*:5:0:sync:/sbin:/bin/sync
dns:h4eyjMckrF18VCBDdnj.MyU/:300:300:DNS:/home/dns:/bin/bash
sevrinAsked:

elfieCommented:
An * in the password field means that there is NO VALID password.
The /etc/shadow file is only used if it exists. Otherwise the passwd for the user is retrieved from the passwd file itself.

Normally when you have a shadow file the password field in the passwd file contains an "X", but when the shadow file is not there the field contains the encrypted password.

This field contains 13 characters of which the last 2 (or first 2) are the crypt key, and the other 11 are the encrypted password. Whenever the password field contains another number of characters all passwords will be invalid.
It means that with such a password field, root cannot log in.
0
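Added example, not part of the original thread: a small Python classifier for the password field of passwd entries, covering the cases discussed above (`*`, the shadow placeholder, and the 13-character traditional crypt(3) form, where the salt is the first two characters). It goes slightly beyond the thread by also recognising `$id$...` modular hashes; the sample lines and function names are constructed for illustration.

```python
import string

# The 64 symbols traditional crypt(3) uses for both salt and hash.
CRYPT64 = set("./" + string.digits + string.ascii_letters)

# Constructed sample lines (not the file from the question).
SAMPLE = """\
root:abCDEFGHIJKLM:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:
dns:x:300:300:DNS:/home/dns:/bin/bash
svc:0123456789abcdefghijklmn:301:301:svc:/home/svc:/bin/sh
"""

def classify_field(field):
    """Return (kind, salt) for the password field of one passwd entry."""
    if field == "":
        return ("empty", None)          # account has no password at all
    if field in ("x", "X"):
        return ("shadowed", None)       # real hash lives in the shadow file
    if field[0] in "*!":
        return ("locked", None)         # can never match any crypt output
    if field.startswith("$") and field.count("$") >= 3:
        return ("modular:" + field.split("$")[1], None)
    if len(field) == 13 and set(field) <= CRYPT64:
        return ("des-crypt", field[:2]) # 2-char salt + 11-char hash
    return ("unrecognised", None)       # e.g. a vendor-specific format

def audit(text):
    """Map each login name to the classification of its password field."""
    result = {}
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) != 7 or line.startswith("#"):
            continue                    # skip comments and malformed lines
        result[parts[0]] = classify_field(parts[1])
    return result

def exposed(text):
    """Logins whose hash material sits in the world-readable passwd file."""
    safe = ("shadowed", "locked")
    return sorted(u for u, (k, _) in audit(text).items() if k not in safe)

if __name__ == "__main__":
    for user, (kind, salt) in audit(SAMPLE).items():
        print(f"{user:6} {kind:13} salt={salt}")
    print("hash or empty field in passwd:", exposed(SAMPLE))
```

Entries reported by `exposed()` are the ones an administrator would want moved into a root-only shadow file, since /etc/passwd has to stay world-readable.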

ozoCommented:
You may want to edit that question if you don't want everyone seeing your /etc/password
0
rickyrCommented:
root logins should be disabled at all times anyway.
You will never be able to see the contents of a shadow file unless you are root.
crypt key?????
Do you mean "salt"? All encrypted passwords are NOT decryptable, so there is no key.
An asterisk means you can't login with that account.
0

elfieCommented:
Sorry to disappoint you but there is a 'crypt' key.

You take the value the user puts in the passwd command, you take the seed out of the shadow/passwd file, and make an encrypted key.
Then you compare your just-encrypted password with the value stored in the shadow/passwd file. When they match you entered a valid passwd.

This way passwords don't need to be encrypted, but just crypted.

If you don't believe it try the following:
change password into let's say pasword1
and save the encrypted password.
Then change pswd into pasword2, and again change it into pasword1.
Now compare the first encrypted password and the last encrypted. They will 'almost' certainly differ.
If no seed would exist, you would have to get the same encrypted password in the first and third case.
0
rickyrCommented:
It's just that I never heard of it being called a key before.
I call it "salt", maybe it's my Perl coming through, where if you decide to use a non-random salt, then the password will always crypt to the same every time, I've done it.
0
bcwhiteCommented:
It's always been called the "salt" as far as I know.  It goes back long before Perl.

I believe its purpose is so that someone can't just create a big file of crypted passwords and then do a fast search.  You have to run the algorithm each time (or store 64^2 copies of each crypted password).

-- Brian
0
MoondancerCommented:
This question was awarded, but never cleared due to the JSP-500 errors of that time.  It was "stuck" against userID -1 versus the intended expert whom you awarded.  This corrects the problem and the expert will now receive these points; points verified.

Please click on your Member Profile and select "View Question History" to navigate through any open or locked questions you may have to update and finalize them.  Or if you are an EE Pro user, click the link below to select open items for your Member ID using Power Search:
http://www.experts-exchange.com/jsp/qPowerSearch.jsp.

This is the Community Support link, if help is needed, along with the link to All Topics which reflects many TAs recently added.

http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
http://www.experts-exchange.com/jsp/zonesAll.jsp
 
Thank you,
Moondancer
Moderator @ Experts Exchange
0