Is there a way to retrive passwords from a server for users? I'm helping a
friend move his box to a outsourse provider and need to retrive the
passwords for all the accounts on the system. I'm thinking that this is
going to be a no go, but had to ask anyway. Thanks. Chris Morris

[ Post a follow-up to this message ]

On Tue, 20 Apr 2004 20:05:47 +0000 Chris Morris wrote:

> Is there a way to retrive passwords from a server for users? I'm helping a
> friend move his box to a outsourse provider and need to retrive the
> passwords for all the accounts on the system. I'm thinking that this is
> going to be a no go, but had to ask anyway. Thanks. Chris Morris

Maybe I miss something, but why don't you just backup and copy the up to
now used passwd + shadow + group + gshadow files?

Getting the real password from the encrypted needs brute force attack on
them and that can take quite a long time if they are not mostly trivial,
if you ever get a result.

Alexander


--
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653

[ Post a follow-up to this message ]

Alexander Dalloz <alexander.dalloz@uni-bielefeld.de> wrote in
news:pan.2004.04.20.20.31.28.546492@uni-bielefeld.de:

> Maybe I miss something, but why don't you just backup and copy the up
> to now used passwd + shadow + group + gshadow files?
>
> Getting the real password from the encrypted needs brute force attack
> on them and that can take quite a long time if they are not mostly
> trivial, if you ever get a result.
>
> Alexander
>
>

Thanks, thats what I was thinking. Oh well just best to reset there
passwords then. Thanks again. Chris

[ Post a follow-up to this message ]

I don't understand why you wouldn't  copy over the /etc/passwd, /etc/shadow
and /etc/group file over to the new server. We do that all the time. If your
moving people one at a time, just build the new user account and give them a
junk password. Then cut the old password from /etc/shadow and paste it over
the new one. It will work just fine. there is really no reason for you to
know all your user passwords and cause them grief. Normally we do server
jumps and our users never know the difference..

Joel

"Chris Morris" <jcmorris_99@yahoo.com> wrote in message
news:40866b6f$0$77170$9a6e19ea@news.newshosting.com...
> Alexander Dalloz <alexander.dalloz@uni-bielefeld.de> wrote in
> news:pan.2004.04.20.20.31.28.546492@uni-bielefeld.de:
> 
>
> Thanks, thats what I was thinking. Oh well just best to reset there
> passwords then. Thanks again. Chris

[ Post a follow-up to this message ]