On 15/11/18 2:51 am, Brian wrote: > And what is the value to an attacker in having /etc/shadow, assuming it > can be decrypted in a sensible time frame? Remotely logging in? Surely > not in these days of ssh keys? Well.... re-use of passwords. We all know that if you have a username (often times an email address) and the password used for that username, then there are too many places where that same credentials might be re-used elsewhere. A.