Bugtraq mailing list archives

Password Generation during RH Linux 6.x Installation

From: wrl () SUMMITPRO COM (William R. Lorenz)
Date: Wed, 7 Jun 2000 11:21:42 -0400


BugTraq'ers,

It seems as though, when entering a root password during RH Linux 6.x
installation, the generated password, stored in the shadowed passwords file
(/etc/shadow) does not contain a salt.  This has occured on three separate
machines, and after the root password is changed using the `passwd` command,
the salt is included in the encrypted password, as it should be.  Can anyone
confirm this observation and provide more details?  Thanks, in advance.

--
"The rewards in business go to the man who does
      something with an idea." - William Benton

Current thread:

Re: An Analysis of the TACACS+ Protocol and its Implementations Juan M. Courcoul (Jun 01)
- Re: An Analysis of the TACACS+ Protocol and its Implementations Eccentric (Jun 01)
  - HP Security vulnerability in the man command Jason Axley (Jun 02)
    - MDMA Advisory #5: Reading of CGI Scripts under Savant Webserver Drew (Jun 05)
    - Re: HP Security vulnerability in the man command Theo de Raadt (Jun 05)
    - Re: HP Security vulnerability in the man command Philipp Buehler (Jun 06)
    - Password Generation during RH Linux 6.x Installation William R. Lorenz (Jun 07)
    - Re: Password Generation during RH Linux 6.x Installation Fabian Kroenner (Jun 08)
    - Re: HP Security vulnerability in the man command V. T. Mueller (Jun 07)
  - Re: An Analysis of the TACACS+ Protocol and its Implementations Dylan (Jun 02)
  - Microsoft Security Bulletin (MS00-037) Microsoft Product Security (Jun 02)
- Re: An Analysis of the TACACS+ Protocol and its Implementations Fyodor (Jun 01)