[ale] Password hashes bent

Patrick tewkewl at mindspring.com
Tue Jul 25 09:20:57 EDT 2000 

Do you have the new slack box doing reverse lookups?  check your
/var/log/warn and messages and see if your firewall box is timing out when a
telnet or ssh is started...

You can also just add your workstation into the host file and see if it can
get in.. Alot of times though the reverse will time out and telnet/ssh will
bomb ot just sit there and hang forever.  (at least this was the case for
us)

-Patrick
----- Original Message -----
From: Joe Knapka <jknapka at charter.net>
To: ale at ale.org
To: <ale at ale.org>
Sent: Monday, July 24, 2000 8:06 PM
Subject: [ale] Password hashes bent


> Hi, folks,
>
> I just upgraded my masq firewall from Slackware 3.0 to Slack
> 7.1. Everything is basically working, but I have one very
> bizarre problem: I can't log in to the machine using either
> ssh or telnet anymore.
>
> I saved the firewall rules and so forth from the previous
> install, and they work (I'm sending this message from a
> machine behind the firewall.) That's not the problem. After
> pulling my hair out for a while, I ended up instrumenting
> sshd to print the hashed password from the shadow password
> file and the hashed password it gets by running crypt() on
> the plain text password, and.... THEY'RE DIFFERENT! Which
> is insane, because I can still login at the console without
> any trouble, which means that -getty- is calling crypt() and
> getting the right answer. It's almost as if sshd and getty
> are calling different versions of crypt(). But I've verified
> that getty and sshd are linked against the same version of
> glibc, so I don't see how this is possible.
>
> One thing that I notice is that the encrypted passwords in
> the shadow password file are much longer than those yielded
> by crypt() = something like 3 times as long.
>
> Any ideas?
>
> TIA,
>
> -- Joe
>
> --
> *** Joe Knapka ***
> I don't know anything about music.  In my line you don't have to.
> -- Elvis Presley
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
body.

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list