Path: utzoo!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!lll-winken!uwm.edu!zaphod.mps.ohio-state.edu!think!snorkelwacker!bloom-beacon!athena.mit.edu!jik From: jik@athena.mit.edu (Jonathan I. Kamens) Newsgroups: comp.unix.questions Subject: RE: passwds and crypt(3)... Message-ID: <1990Jan2.222052.915@athena.mit.edu> Date: 2 Jan 90 22:20:52 GMT References: <21913@adm.BRL.MIL> Sender: news@athena.mit.edu (News system) Reply-To: jik@athena.mit.edu (Jonathan I. Kamens) Organization: Massachusetts Institute of Technology Lines: 66 In article <21913@adm.BRL.MIL>, mwood!attcc!hpn@att.att.com writes: > I don't understand the meaning behind use the /etc/shadow file. All it does > is holds the encrypted passwords, right? (like, AkhjfuDe2,md ) > What's the use? I noticed that someone else gave a brief explanation of why publicly readable encrypted passwords can be a bad thing, but it wasn't very thorough, so I want to give a more detailed explanation. This is comp.unix.questions, and not comp.unix.wizards, after all. The password entries in the /etc/passwd file actually consist of two pieces of information. The first two characters are the "seed", which are fed to the crypt() library function (see the man page for it for more information) along with your plain-text password when the password is encrypte. The seed is used by the crypt() function to perturb the encryption algorithm in a way that will make different seeds produce different encrypted password string. More on the purpose of that later. The other characters (usually 11 of them) of the string in the /etc/passwd file are the encrypted password. Now, let's say that someone wants to break into your account, and since they don't know the various security holes that could allow them to become the super-user on any Unix machine :-), they want to do so by finding out what your password is. They have the following tools to help them: 1. A dictionary of commonly used passwords. 2. A very fast machine to work on at their leisure (not a mandatory thing, but good to have. 3. A program to use to break your password. What the program does it take each word in the password dictionary and encrypt it using the seed in the /etc/passwd file. Then, it checks if the encrypted string which is returned is the same as your encrypted password string, and if it is, it has found your password! Now, a few notes about this method of attack. First of all, the crypt() library routine is specifically designed to be slow, even on a fast machine. There are MUCH faster crypt() routines available, and the attacker may be using one of those routines instead of the default Unix version. Second, the seed plays an important role in making an attack on the /etc/passwd file more difficult. If the crypt() routine did not use seeds, then the attacker would have a much easier time of it -- all he would have to do is encrypt the entire dictionary once, and then store the resulting database of passwords and associated encrypted strings in a file somewhere. Then, he could compare each encrypted string to each encrypted string in the /etc/passwd file and thus find out a lot of passwords. The seed mechanism thwarts this by giving users different seeds (there are 4096 different possible seeds, although in practice it is not normal for even close to that many different seeds to actually get used -- another problem), so that each possible password must be encrypted in each user's seed in order to check if it is the correct password. So, this brings us to the question, "What is the advantage of an /etc/shadow file?" If the encrypted password strings are removed from the /etc/passwd file and placed in /etc/shadow instead, then an attacker can't use the mechanisms described above in order to figure out someone's password, since he doesn't have the encrypted password strings to work with. Jonathan Kamens USnail: MIT Project Athena 11 Ashford Terrace jik@Athena.MIT.EDU Allston, MA 02134 Office: 617-253-4261 Home: 617-782-0710