[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Shadow Passwords
- Subject: [cobalt-security] Shadow Passwords
- From: <cobalt@xxxxxxxxxxxxx>
- Date: Mon, 30 Jul 2001 17:38:03 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I've checked the archives, and this seems to be the best group to send this
question to. We are currently moving our web servers from Redhat 6.0 to new
Cobalt4r's. The major hurtle right now is moving the password file over to
the new machine. As a security precaution, we have never kept passwords
beyond the initial password assigned to a user when they sign up on file, so
we know that the listing we have in our hard copies are not up to date. We
also have not kept password change records in the past. Although this may
be considered "bad" administration by some, we have not had reason to regret
this policy till now (Famous last words?).
Our problem is that the Cobalt OS seems to encrypt passwords differently
than on the RedHat 6.0 system. For example when moving accounts from
Redhat6.0 to FreeBSD servers we could simply cut and paste the shadow line
and it would work. Does anyone have a suggestion on what we can do to solve
this issue, or am I up the creek without a decrypted paddle.
Any help would be greatly appreciated.
David
=============================
david@xxxxxxxxxxxxx
1-800-733-0368 extension 255
Knight Web Services Inc.
=============================