[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: password hash in shadow file

On 14/03/18 09:20, tomas@tuxteam.de wrote:
> On Tue, Mar 13, 2018 at 07:36:19PM +0100, Sven Hartge wrote:
>> But on that note: I wonder of one could create a PAM module which will
>> do just that on successful login. Once you *know* you have the right
>> password (and the PAM system has that knowledge including the plain text
>> password the user entered) just rehash it and update /etc/shadow.
>> This will gradually upgrade all hashes once a user uses an account.
> That would be downright sneaky :-)

That's quite common for web apps, isn't it? Not with PAM though, presumably.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: