Password authentication systems
Tim Scheidemantle
tim at zoominternet.net
Fri Aug 11 03:20:15 EDT 2006
Enabling shadow passwords stores them in /etc/shadow which is not world
readable unlike /etc/passwd. They would be encrytped regardless of the
file they are in.
AlbaClause wrote:
> neokosmos at gmail.com wrote:
>
>
>> This may only be tangentially related to Python, but since I am coding
>> a password authentication system in Python, I thought I would ask here.
>>
>> In Linux (and presumably other *NIX systems that support it), when
>> shadow passwords are enabled, the actual password is not stored.
>> Instead an encrypted version is stored. Then, to authenticate the
>> password, the system re-encrypts the user's input to see if it matches
>> the stored, encrypted version.
>>
>>
>
> Correct me if I'm wrong, but I believe that all Linux passwords are
> encrypted whether you enable shadow passwords or not. I believe that when
> you enable shadow passwords, the encrypted passwords are stored in a file
> other than 'passwd'. Is this not correct?
>
>
More information about the Python-list
mailing list