[CentOS] Shadow passwords NOT md5'ed ?

Bill Campbell centos at celestial.com
Sun Apr 5 19:19:08 UTC 2009


On Sun, Apr 05, 2009, Ralph Angenendt wrote:
>Michael A. Peters wrote:
>> Ralph Angenendt wrote:
>> > Frédérique Da Luene wrote:
>> >> Useradd newuser : ok
>> >> passwd newuser : ok
>> >>
>> >> The password is not MD5, only 3DES.
>> > 
>> > Again: Have you looked if passwd on your machine is the one from CentOS?
>> > 
>> 
>> I would suggesting copying the binary to a known clean machine to check 
>>   the md5sum to verify. If you might have been hacked, you can't check 
>> the md5 on that box.
>
>Yupp. The last times I had to handle/help in such situations, the binaries
>were clearly way off for the machines - often a comparing ls -l is enough, but
>not all the time.

This will tell if the program is different and works on any RPM
based system regardless of their package contents.

rpm -V `rpm -qf /bin/login`

Or of you're not lazy as I am.

rpm -qf /bin/login # gets the name of the package
rpm -V util-linux # the name of the package returned.

-- 
Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186

A man who would consider himself a bandit if, pistol in hand, he
prevented me from carrying out a transaction that was in conformity with
my interests has no scruples in working and voting for a law that replaces
his private force with the public force and subjects me, at my own
expense, to the same unjust restrictions. -- Bastiat, Frederic, Harmonies


More information about the CentOS mailing list