[CentOS] EL7, grub-crypt?

Wed Aug 27 22:51:45 UTC 2014
David Goldsmith <dgoldsmith at sans.org>

On Aug 27, 2014, at 6:37 PM, Darod Zyree <darodzyree at gmail.com> wrote:

> 2014-08-27 16:07 GMT+02:00 Baptiste Agasse <baptiste.agasse at lyra-network.com
>> :
> 
>> 
>> 
>> ----- Mail original -----
>>> Hi,
>>> 
>>> Whats the new way of creating sha512 passwords in EL7?
>> 
>> 
>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-GRUB_2_Password_Protection.html#sec-Password_Encryption
>> 
>>> In Centos6 I used grub-crypt but that does not exist anymore.
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>> 
>> 
>> --
>> Baptiste AGASSE
>> Lyra Network, Service Systèmes et Réseaux
>> 109 Rue de l'innovation, 31670 Labège - France
>> Tél: (+33)5.67.22.31.87
>> Fax: (+33)5.67.22.31.61
>> Mail: baptiste.agasse at lyra-network.com
>> Site: http://www.lyra-network.com
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>> 
> 
> But this is for creating passwords for grub2, no?
> 
> I was asking (altough might not have been clear enough) on how to get the
> encrypted values for the shadow file entries.
> grub-crypt used to be able to do that, returning with the encrypted value
> of a given passphrase starting with $6$
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos


Its the default hash used on EL7 by the “passwd” command.

[root at centos7 etc]# grep dgoldsmith /etc/shadow
dgoldsmith:$6$IoGARIF2$44lyu/9VjFmGsOW (line truncated)

[root at centos7 etc]# tail -3 /etc/login.defs
# Use SHA512 to encrypt password.
ENCRYPT_METHOD SHA512

--
David Goldsmith

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.centos.org/pipermail/centos/attachments/20140827/b510e7c5/attachment-0004.sig>