"/etc/shadow-" What is the purpose of this file?
David Mandala
plug-discuss@lists.plug.phoenix.az.us
21 Feb 2002 16:27:25 -0700
Woops, that will teach me to read the question closer ;-)
On Thu, 2002-02-21 at 16:03, Matt Alexander wrote:
> David's response is correct, but it doesn't answer the original question.
> The reason for passwd- and shadow- are to keep a backup of the previous
> passwd and shadow files. If you add a new user to the system using
> useradd, for example, then your current passwd file will be moved to
> passwd-. If you somehow hose your passwd file, then you could always
> recover the most recent version by moving passwd- to passwd.
> ~M
>
> On 21 Feb 2002, David Mandala wrote:
>
> > The reason for the shadow file is /etc/passwd is world readable and
> > needs to be, however if someone can gain access to the actual hashed
> > passwords that at one time were contained in the passwd file you can do
> > a brute force attack and gain access to different accounts on the
> > machine. By moving the actual hassed passwords out of the passwd file
> > into the root only readable shadow file it is much harder for someone to
> > capture the actual password hashes and without those it is MUCH harder
> > to attempt a brute force attack on a machine.
> >
> > On Thu, 2002-02-21 at 15:10, JM wrote:
> > > What is the purpose for the file /etc/shadow-
> > > or for the files
> > > /etc/passwd-
> > > /etc/gshadow-
> > > /etc/group-
> > >
> > > These files are nearly identical to their
> > > cognates in content and file attributes.
> > > Is there a simple explanation for maintaining
> > > these files along with the standard file:
> > >
> > > /etc/shadow, /etc/passwd, /etc/gshadow, /etc/group ?
> > >
> > > Is the a common convention for other Unix-like systems?
> > >
> > > My reason for asking is that this is a minor inconvenience
> > > when hiding this /etc/shadow- file and what programs may
> > > be using this file.
> > >
> > > Jerry M.
> > > a RedHat user
> > >
> > > ________________________________________________
> > > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> > >
> > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> >
> > ________________________________________________
> > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> >
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss