[ale] Plz Help root to decrypt a user PWD

jmills at TGA.com jmills at TGA.com
Wed Oct 27 03:25:41 EDT 1999


On Wed, 27 Oct 1999 byron at cc.gatech.edu wrote:

> > You are assuming two things here:
> > 1) (as you said) 'agnes' used the same password repeatedly, and _also_
> > 2) diverse systems she used perform the encryption in the same way.
> > 
> > If assumption (2) is right, any text string which yields the same key
> > should work; if that string doesn't work, you need to start again on the
> > other systems: whether the password is the same or not is immaterial.
> 
> I'm unclear on your point here John. If she used the same password everywhere
> then obtaining that password from any single source should be sufficient
> to access the other systems regardless of encryption scheme on the other
> systems.
> 
> Did I miss something?

Byron - thanks for catching me up on this. Naturally if you arrive at the
_same_ password, it should be accepted by whatever encryption is used on
the various systems. If it is not the same -- one which (on one machine)
encrypts to a match, I supposed it might not match on another machine
using a slightly different encryption. I don't know if that is a common
situation, nor whether different machines offset their encryptions so as
to render a copy of '/etc/passwd' from another machine less useful to a
would-be intruder.

(As I understand the case, Stephan wishes to generate a surrogate password
on the Linux system and apply it elsewhere.)

Does that make any sense? (Maybe not ... &8*)

Regards
 -John

  John Mills, Sr. Software Engineer
  TGA Technologies, Inc.
  100 Pinnacle Way, Suite 140
  Norcross, GA 30071-3633
  e-mail: jmills at tga.com
  Phone: 770-441-2100 ext.124 (voice)
         770-449-7740 (FAX)






More information about the Ale mailing list