Hi,
Whats the new way of creating sha512 passwords in EL7? In Centos6 I used grub-crypt but that does not exist anymore.
----- Mail original -----
Hi,
Whats the new way of creating sha512 passwords in EL7?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
In Centos6 I used grub-crypt but that does not exist anymore. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
2014-08-27 16:07 GMT+02:00 Baptiste Agasse <baptiste.agasse@lyra-network.com
:
----- Mail original -----
Hi,
Whats the new way of creating sha512 passwords in EL7?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
In Centos6 I used grub-crypt but that does not exist anymore. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Baptiste AGASSE Lyra Network, Service Systèmes et Réseaux 109 Rue de l'innovation, 31670 Labège - France Tél: (+33)5.67.22.31.87 Fax: (+33)5.67.22.31.61 Mail: baptiste.agasse@lyra-network.com Site: http://www.lyra-network.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
But this is for creating passwords for grub2, no?
I was asking (altough might not have been clear enough) on how to get the encrypted values for the shadow file entries. grub-crypt used to be able to do that, returning with the encrypted value of a given passphrase starting with $6$
On Aug 27, 2014, at 6:37 PM, Darod Zyree darodzyree@gmail.com wrote:
2014-08-27 16:07 GMT+02:00 Baptiste Agasse <baptiste.agasse@lyra-network.com
:
----- Mail original -----
Hi,
Whats the new way of creating sha512 passwords in EL7?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
In Centos6 I used grub-crypt but that does not exist anymore. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Baptiste AGASSE Lyra Network, Service Systèmes et Réseaux 109 Rue de l'innovation, 31670 Labège - France Tél: (+33)5.67.22.31.87 Fax: (+33)5.67.22.31.61 Mail: baptiste.agasse@lyra-network.com Site: http://www.lyra-network.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
But this is for creating passwords for grub2, no?
I was asking (altough might not have been clear enough) on how to get the encrypted values for the shadow file entries. grub-crypt used to be able to do that, returning with the encrypted value of a given passphrase starting with $6$ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Its the default hash used on EL7 by the “passwd” command.
[root@centos7 etc]# grep dgoldsmith /etc/shadow dgoldsmith:$6$IoGARIF2$44lyu/9VjFmGsOW (line truncated)
[root@centos7 etc]# tail -3 /etc/login.defs # Use SHA512 to encrypt password. ENCRYPT_METHOD SHA512
-- David Goldsmith
2014-08-28 0:51 GMT+02:00 David Goldsmith dgoldsmith@sans.org:
On Aug 27, 2014, at 6:37 PM, Darod Zyree darodzyree@gmail.com wrote:
2014-08-27 16:07 GMT+02:00 Baptiste Agasse <
baptiste.agasse@lyra-network.com
:
----- Mail original -----
Hi,
Whats the new way of creating sha512 passwords in EL7?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
In Centos6 I used grub-crypt but that does not exist anymore. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Baptiste AGASSE Lyra Network, Service Systèmes et Réseaux 109 Rue de l'innovation, 31670 Labège - France Tél: (+33)5.67.22.31.87 Fax: (+33)5.67.22.31.61 Mail: baptiste.agasse@lyra-network.com Site: http://www.lyra-network.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
But this is for creating passwords for grub2, no?
I was asking (altough might not have been clear enough) on how to get the encrypted values for the shadow file entries. grub-crypt used to be able to do that, returning with the encrypted value of a given passphrase starting with $6$ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Its the default hash used on EL7 by the “passwd” command.
[root@centos7 etc]# grep dgoldsmith /etc/shadow dgoldsmith:$6$IoGARIF2$44lyu/9VjFmGsOW (line truncated)
[root@centos7 etc]# tail -3 /etc/login.defs # Use SHA512 to encrypt password. ENCRYPT_METHOD SHA512
-- David Goldsmith
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Right, sha512 was default for rhel6 too.
Am I failing to understand something?
So, lets say I create a new user account, and it was that password (going against all common password policies) to be "tree" without using passwd how do i get the sha512 encrypted value of that password "tree"
2014-08-28 1:15 GMT+02:00 Darod Zyree darodzyree@gmail.com:
2014-08-28 0:51 GMT+02:00 David Goldsmith dgoldsmith@sans.org:
On Aug 27, 2014, at 6:37 PM, Darod Zyree darodzyree@gmail.com wrote:
2014-08-27 16:07 GMT+02:00 Baptiste Agasse <
baptiste.agasse@lyra-network.com
:
----- Mail original -----
Hi,
Whats the new way of creating sha512 passwords in EL7?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
In Centos6 I used grub-crypt but that does not exist anymore. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Baptiste AGASSE Lyra Network, Service Systèmes et Réseaux 109 Rue de l'innovation, 31670 Labège - France Tél: (+33)5.67.22.31.87 Fax: (+33)5.67.22.31.61 Mail: baptiste.agasse@lyra-network.com Site: http://www.lyra-network.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
But this is for creating passwords for grub2, no?
I was asking (altough might not have been clear enough) on how to get
the
encrypted values for the shadow file entries. grub-crypt used to be able to do that, returning with the encrypted
value
of a given passphrase starting with $6$ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Its the default hash used on EL7 by the “passwd” command.
[root@centos7 etc]# grep dgoldsmith /etc/shadow dgoldsmith:$6$IoGARIF2$44lyu/9VjFmGsOW (line truncated)
[root@centos7 etc]# tail -3 /etc/login.defs # Use SHA512 to encrypt password. ENCRYPT_METHOD SHA512
-- David Goldsmith
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Right, sha512 was default for rhel6 too.
Am I failing to understand something?
So, lets say I create a new user account, and it was that password (going against all common password policies) to be "tree" without using passwd how do i get the sha512 encrypted value of that password "tree"
This thread on Server Fault[1] suggests the following one-liner:
python -c 'import crypt; print crypt.crypt("tree", "$6$random_salt")'
- Jitse
[1] http://serverfault.com/questions/330069/how-to-create-an-sha-512-hashed-pass...
-
Baptiste Agasse -
Darod Zyree -
David Goldsmith -
Jitse Klomp