Re: John the Ripper

To: debian-user@lists.debian.org
Cc: Jerome BENOIT <benoit@eie.gr>
Subject: Re: John the Ripper
From: Osamu Aoki <osamu@debian.org>
Date: Sun, 27 Oct 2002 09:09:04 -0800
Message-id: <[🔎] 20021027170904.GC15606@aokiconsulting.com>
Mail-followup-to: debian-user@lists.debian.org, Jerome BENOIT <benoit@eie.gr>
In-reply-to: <[🔎] 3DBC12E4.8040903@soc.ufl.edu>
References: <[🔎] 3DBBFEB0.8090201@eie.gr> <[🔎] 3DBC12E4.8040903@soc.ufl.edu>

On Sun, Oct 27, 2002 at 11:23:00AM -0500, Brian Stults wrote:
> Jerome BENOIT wrote:
> >The John package (password cracker) write the file `john.pot'
> >in the root directory '/'.
> >I do not like that:
> >how  can we ask to John to write this file somewhere else ?
> 
> John writes the list of cracked passwords in ~/ which would be /root if 
> run by the superuser.  This should be a very secure directory, so it's 
> probably as good a place as any.

I remember similar problem with fetchmail when I made my own
/etc/init.d/fetchmail.  Basically, process run from /etc/rc2.d/* etc are
run with the root privirage and home directory is / (not /root).

I think you can put 
---
HOME=/whereever
export HOME
... your script starting john
---

in your init.d script's starting section.  This may work.

Also, 
-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++
        Osamu Aoki <osamu@debian.org>   Cupertino CA USA, GPG-key: A8061F32
 .''`.  Debian Reference: post-installation user's guide for non-developers
 : :' : http://qref.sf.net and http://people.debian.org/~osamu
 `. `'  "Our Priorities are Our Users and Free Software" --- Social Contract

Reply to:

References:
- John the Ripper
  - From: Jerome BENOIT <benoit@eie.gr>
- Re: John the Ripper
  - From: Brian Stults <bstults@soc.ufl.edu>

Prev by Date: Re: John the Ripper
Next by Date: Re: Newbie Questions
Previous by thread: Re: John the Ripper
Next by thread: Re: John the Ripper
Index(es):
- Date
- Thread