[15252] in bugtraq
Password Generation during RH Linux 6.x Installation
daemon@ATHENA.MIT.EDU (William R. Lorenz)
Thu Jun 8 14:26:29 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <F1A80EB6178AD111940F0060B06A448C32DE4D@SPSINT1>
Date: Wed, 7 Jun 2000 11:21:42 -0400
Reply-To: wrl@summitpro.com
From: "William R. Lorenz" <wrl@SUMMITPRO.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
BugTraq'ers,
It seems as though, when entering a root password during RH Linux 6.x
installation, the generated password, stored in the shadowed passwords file
(/etc/shadow) does not contain a salt. This has occured on three separate
machines, and after the root password is changed using the `passwd` command,
the salt is included in the encrypted password, as it should be. Can anyone
confirm this observation and provide more details? Thanks, in advance.
--
"The rewards in business go to the man who does
something with an idea." - William Benton
