[CentOS] Shadow passwords NOT md5'ed ?

Ralph Angenendt ra+centos at br-online.de
Sun Apr 5 09:51:04 UTC 2009

Michael A. Peters wrote:
> Ralph Angenendt wrote:
> > Frédérique Da Luene wrote:
> >> Useradd newuser : ok
> >> passwd newuser : ok
> >>
> >> The password is not MD5, only 3DES.
> > 
> > Again: Have you looked if passwd on your machine is the one from CentOS?
> > 
> I would suggesting copying the binary to a known clean machine to check 
>   the md5sum to verify. If you might have been hacked, you can't check 
> the md5 on that box.

Yupp. The last times I had to handle/help in such situations, the binaries
were clearly way off for the machines - often a comparing ls -l is enough, but
not all the time.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20090405/e9705134/attachment.sig>

More information about the CentOS mailing list