
Friday, March 22, 2013

How to manually create shadow password for a user in Linux

On Linux systems, user passwords are stored in the /etc/shadow file. An example line showing the password and account details for a 'demo' user on my system looks like this:
 
$ grep demo /etc/shadow
demo:$6$DdiZmmSe$eSXGHIB2gx.cHY.PR.Tfz8l00iStSgea0o7glv2ptBq8FpfSjz5XVU2GgCVzr72zAx4wG4gfYXucgoOGb3Rb7/:15786:0:99999:7:::

Problem

How to compute a user's password hash so that it can be copied directly into the shadow file.

Solution and results description

The description of how the password field is created can be found in the man pages:
 
$ man shadow
encrypted password
           Refer to crypt(3) for details on how this string is interpreted.


$ man 3 crypt
Glibc Notes
       The glibc2 version of this function supports additional encryption algorithms.

       If salt is a character string starting with the characters "$id$" followed by a string terminated by "$":

              $id$salt$encrypted

       then instead of using the DES machine, id identifies the encryption method used and this then determines how the rest of the password string is  interpreted.   The  following
       values of id are supported:

              ID  | Method
              ─────────────────────────────────────────────────────────

              1   | MD5
              2a  | Blowfish (not in mainline glibc; added in some
                  | Linux distributions)
              5   | SHA-256 (since glibc 2.7)
              6   | SHA-512 (since glibc 2.7)

       So $5$salt$encrypted is an SHA-256 encoded password and $6$salt$encrypted is an SHA-512 encoded one.

       "salt"  stands  for the up to 16 characters following "$id$" in the salt.  The encrypted part of the password string is the actual computed password.  The size of this string
       is fixed:

       MD5     | 22 characters
       SHA-256 | 43 characters
       SHA-512 | 86 characters


Analyzing the shadow line for the demo user, we can see that the password hash:
  • uses the SHA-512 algorithm (id 6)
  • was generated with the salt string DdiZmmSe
  • is 86 characters long:
    $ python -c "print len('eSXGHIB2gx.cHY.PR.Tfz8l00iStSgea0o7glv2ptBq8FpfSjz5XVU2GgCVzr72zAx4wG4gfYXucgoOGb3Rb7/')"
    86

The first idea, simply using a tool to generate an SHA digest, unfortunately does not work. The reason is that SHA-512 produces only a 512-bit message digest (a 64-byte string), whereas the password field in the shadow file is 86 characters long.

Further research showed that, even though the 'crypt' function uses the standard SHA-512 hash function, it applies it in a number of additional steps to produce the 86-character string. An interesting blog post describing the algorithm can be found here: http://www.vidarholen.net/contents/blog/?p=33.

There are a number of ways to generate the password hash:
  • we can use a bash script:
https://github.com/rtomaszewski/experiments/blob/master/shadow_pass.sh
 
$ ./shadow_pass.sh demo DdiZmmSe
$6$DdiZmmSe$eSXGHIB2gx.cHY.PR.Tfz8l00iStSgea0o7glv2ptBq8FpfSjz5XVU2GgCVzr72zAx4wG4gfYXucgoOGb3Rb7/
  • we can write a little script that calls the crypt function directly to generate the hash:
http://serverfault.com/questions/330069/how-to-create-an-sha-512-hashed-password-for-shadow
 
$ python -c "import crypt, getpass, pwd; print crypt.crypt('demo', '\$6\$DdiZmmSe\$')"
$6$DdiZmmSe$eSXGHIB2gx.cHY.PR.Tfz8l00iStSgea0o7glv2ptBq8FpfSjz5XVU2GgCVzr72zAx4wG4gfYXucgoOGb3Rb7/
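To make the crypt(3) steps concrete, here is an added from-scratch reimplementation of the $6$ scheme in plain Python using only hashlib (example code written for this page; it is neither the blog's shadow_pass.sh nor glibc's source). sha512_crypt() reproduces the demo user's hash shown above, and verify_shadow() is a hypothetical helper that checks a password against a shadow field with a constant-time comparison.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# Order in which glibc emits the bytes of the final 64-byte digest (its fixed permutation).
_ORDER = [(0, 21, 42), (22, 43, 1), (44, 2, 23), (3, 24, 45), (25, 46, 4),
          (47, 5, 26), (6, 27, 48), (28, 49, 7), (50, 8, 29), (9, 30, 51),
          (31, 52, 10), (53, 11, 32), (12, 33, 54), (34, 55, 13), (56, 14, 35),
          (15, 36, 57), (37, 58, 16), (59, 17, 38), (18, 39, 60), (40, 61, 19),
          (62, 20, 41)]


def _b64(b2, b1, b0, n):
    """crypt-style base64: pack three bytes into 24 bits, emit n chars, low 6 bits first."""
    w = (b2 << 16) | (b1 << 8) | b0
    return "".join(ITOA64[(w >> (6 * k)) & 0x3F] for k in range(n))


def sha512_crypt(password, salt, rounds=5000):
    """Return the '$6$salt$hash' string that glibc's crypt(3) produces for this input."""
    pw, salt = password.encode(), salt.encode()[:16]   # crypt caps the salt at 16 bytes
    n = len(pw)
    b = hashlib.sha512(pw + salt + pw).digest()        # digest B = H(pw || salt || pw)
    p = (hashlib.sha512(pw * n).digest() * (n // 64 + 1))[:n]   # P: len(pw) bytes from DP
    a = hashlib.sha512(pw + salt)                      # digest A = H(pw || salt || ...
    a.update(b * (n // 64) + b[:n % 64])               # ... len(pw) bytes of B ...
    while n:                                           # ... then one step per bit of len(pw))
        a.update(b if n & 1 else pw)
        n >>= 1
    a = a.digest()
    s = hashlib.sha512(salt * (16 + a[0])).digest()[:len(salt)]  # S: len(salt) bytes from DS
    c = a
    for i in range(rounds):                            # the slow part: 5000 rounds by default
        h = hashlib.sha512(p if i & 1 else c)
        if i % 3:
            h.update(s)
        if i % 7:
            h.update(p)
        h.update(c if i & 1 else p)
        c = h.digest()
    enc = "".join(_b64(c[x], c[y], c[z], 4) for x, y, z in _ORDER) + _b64(0, 0, c[63], 2)
    prefix = "$6$" if rounds == 5000 else "$6$rounds=%d$" % rounds
    return prefix + salt.decode() + "$" + enc


def verify_shadow(password, field):
    """Constant-time check of a password against a default-rounds '$6$salt$hash' field."""
    salt = field.split("$")[2]
    return hmac.compare_digest(sha512_crypt(password, salt), field)
```

The 5000 default rounds are why the string cannot be produced by a single SHA-512 call, and they are also what makes offline guessing of a leaked shadow hash far slower than guessing against a bare digest.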
