Securing Passwords in Linux
Page 1 of 3

Historically, UNIX passwords are stored in the /etc/passwd file, which any user can read. For example, a typical old-style /etc/passwd file entry for the root user looks like this:

    root:t6Z7NWDK1K8sU:0:0:root:/root:/bin/bash
The fields are separated by colons (:), and the second field holds the password in encrypted (one-way hashed) form. To check whether a password is valid, the login program encrypts the plain-text password the user enters and compares the result with the second field of the matching /etc/passwd entry. If the two match, the user is allowed to log in.

Password-cracking programs work just like the login program, except that they pick one word at a time from a dictionary, encrypt it, and compare the encrypted word with each encrypted password in /etc/passwd until they find a match. To crack passwords this way, the intruder needs a copy of /etc/passwd, and because that file is readable by every user, crackers often obtain it by exploiting weaknesses of various Internet servers (such as mail and FTP).

Several improvements have made passwords more secure in Linux. These include shadow passwords and pluggable authentication modules, described in the next two sections, and you can install both easily as you install Linux. During Linux installation, you typically get a chance to configure authentication; if you enable MD5 passwords and enable shadow passwords there, you automatically get more secure passwords in Linux.