Saturday, January 29, 2011

In Linux/Debian, were the passwords (/etc/passwd) ever stored as plain text?

Someone is telling me so and I have some doubt but I can't find any information on the web.

  • I've been running Linux continuously since Slackware with kernel 1.0.13 and I've never seen cleartext passwords. I'd strongly doubt that it ever happened, but I can only vouch for what I've seen.

  • On Linux, no, but on old Unix systems a hash of the password was stored in /etc/passwd.

    Warner : You're confusing /etc/shadow with his question. Linux didn't always use /etc/shadow.
    From voyager
  • From "Password Security: A Case History", by Robert Morris and Ken Thompson (1979) ( http://www.cs.yale.edu/homes/arvind/cs422/doc/unix-sec.pdf ), quoted from the prologue:

    The UNIX system was first implemented with a password file that contained the actual passwords of all the users, and for that reason the password file had to be heavily protected against being either read or written.

    So yes, originally, the password file contained actual passwords.

    EDIT

    This was in UNIX. Even by the time the above referenced paper came out, it was seen as a bad idea. Since Debian is post-1991, it would be ludicrous to assume or believe that the Linux distro would have enabled password files without even crypt protection.

    It is far more likely that initial versions of the Debian passwd suite used non-shadowed passwords, which would have stored the encrypted passwords in /etc/passwd itself. The mechanism used back then would have been 'crypt', which is mathematically simpler to compute than the current practice of using md5 (although other options are available).

    If you get a chance, pick up the Linux Pro Magazine's "Shell Handbook" edition. I've got a 4 page article on command-line user manipulation, and I talk about the history of UNIX password security.

    Bart Silverstrim : There were non-shadowed passwords in Linux because I remember in the cobwebby corners of my recollection when the switch was made and wondering why the fields in /etc/passwd had changed.
    Matt Simmons : @Bart: Yeah, it looks like the Shadow suite was ported to Linux in '92, which means it probably wouldn't have hit most distros for a little while
    Matt Simmons : Also, it looks like Slackware went without Shadow until at least 3.0 (http://slackware.osuosl.org/slackware-3.3/docs/Shadow-Password-HOWTO)
    Bart Silverstrim : @Matt: That long ago it was ported? I was thinking it was close to '94 or so that I remembered it cropping up. But that could be too. The distros were a little different in nature back then. I remember some of the arcana of getting X to work, and most of the time staying in virtual consoles. I feel old even though supposedly I'm not...wow...
    Bart Silverstrim : @Matt: To FVWM or not to use FVWM...that used to be the big question :-)
    Dreur : Thanks - a great answer.
    Matt Simmons : Dreur: Thanks - @Bart: Seriously. Though I feel old because I've been using the same desktop interface for 10 years (windowmaker)
  • Yes. Shadow password files were introduced later. I once had to upgrade Slackware Linux systems to support shadow passwords. I have a hard time recalling what version. However, I'd guess around 2.0.

    There's a Linux HOWTO with more details.

    Edit

    I misread initially. Passwords were never stored cleartext in Linux's /etc/passwd. Shadow password files were not always used in Linux, as stated earlier.

    From Warner
  • If you are really curious about Debian all the original packages can be found here (http://archive.debian.org/debian/).

    From what I can tell by looking at the Packages file, the shadow tools were added in 1.3. A quick look at the 1.1 source for login-utils, which is one of the earliest releases, shows it using the old crypt() function, which I believe used Triple DES.

    From Zoredache
  • I've been a Unix SysAdmin since 1992, well before we had /etc/shadow.

    Before /etc/shadow, /etc/passwd entries looked something like this:

    user:XDjfiejfiejf:1001:1001:Joe User:/home/user:/bin/sh

    The second field was the encrypted (not hashed) password entry for the user. Just as it is today, /etc/passwd had permission settings of 644, meaning everyone could read the file. /etc/passwd needs to be world-readable so that (for example) a program can convert a User ID into a Username.

    But that also made it possible for a brute-force attack to figure out a user's password without actually trying to log in -- just keep encrypting different strings, and when the attack program's encrypted result was the same as the string stored in /etc/passwd, bingo, you've got the user's password.

    Thus was born /etc/shadow. Now the second field of the /etc/passwd file is simply '*', and the encrypted password is stored in /etc/shadow, which has its permissions set to 640 (or sometimes 600) -- meaning you need privileges to even read the encrypted string. No more brute-force attack.

    grawity : Are you sure that was really "encryption"? AFAIK, `crypt()` had never used reversible algos...
    Jeff Leyser : Encryption doesn't mean reversible. crypt() uses the DES block cypher (http://en.wikipedia.org/wiki/Data_Encryption_Standard) to turn the plain-text password into the encrypted string in /etc/passwd.
  • Practically, this someone's argument is a valid one: from today's point of view, a DES-encrypted password and a plain-text one are the same thing :) It will take seconds (at most) to crack it.

    Also, shadow and encryption are not the same thing; it seems like many answers are confused about it. Even now you can have your encrypted password in /etc/passwd as world-readable. But your question is not really clear about this part.

    From monomyth
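
An added example, not part of the original answers: a small audit of passwd-format text for the condition the last two answers describe, a password value sitting in the world-readable second field instead of in /etc/shadow, plus a mode check for the shadow file. The sample lines, function names and category labels are constructed for illustration.

```python
import re
import stat

# Constructed sample in passwd(5) format; the "user" line is the one quoted above.
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
user:XDjfiejfiejf:1001:1001:Joe User:/home/user:/bin/sh
old:abCONSTRUCTED:1002:1002:Old Style:/home/old:/bin/sh
guest::1003:1003:Guest:/home/guest:/bin/sh
md5u:$1$saltsalt$placeholderplaceholder:1004:1004:MD5:/home/md5u:/bin/sh
"""

DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")  # traditional crypt(3): 2 salt + 11 output chars
MCF_RE = re.compile(r"^\$([0-9a-z]+)\$")     # modular crypt format: $id$salt$hash
MCF_NAMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
             "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}

def classify_field(pw):
    """Classify the second field of a passwd entry."""
    if pw == "x":
        return "shadowed"          # real value lives in /etc/shadow
    if pw == "":
        return "empty"             # account has no password at all
    if pw.startswith(("*", "!")):
        return "locked"            # no valid password can match
    if DES_RE.match(pw):
        return "des-crypt"
    m = MCF_RE.match(pw)
    if m:
        return MCF_NAMES.get(m.group(1), "mcf-unknown")
    return "inline-unknown"        # something is stored inline, format not recognised

def audit_passwd(text):
    """Return (line number, user, kind) for every entry that is not shadowed or locked."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((lineno, fields[0], "malformed"))
            continue
        kind = classify_field(fields[1])
        if kind not in ("shadowed", "locked"):
            findings.append((lineno, fields[0], kind))
    return findings

def shadow_mode_ok(mode):
    """True if a shadow file mode gives 'other' nothing and the group no write bit."""
    return not (mode & (stat.S_IRWXO | stat.S_IWGRP))
```

On a live system, pass the contents of /etc/passwd to `audit_passwd` and `os.stat("/etc/shadow").st_mode` to `shadow_mode_ok`.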
