Solved: Password hashes?

Guardian1234 · ‎12-11-2012

One of my fellow admins said that it is entirely possible to place ESXi 5 password hashes into the password file rather than the shadow file.

Anyone ever hear of this!?!?!?!?!

Thx.

Josh26 · ‎12-11-2012

Although I continue to argue "ESXi is not Linux", this is something that doesn't make much sense in the Linux world and I doubt it makes much sense here.

Where else would you put it?

shadow is already a well audited and protected system. Password is world readable.

View solution in original post

Josh26 · ‎12-11-2012

Although I continue to argue "ESXi is not Linux", this is something that doesn't make much sense in the Linux world and I doubt it makes much sense here.

Where else would you put it?

shadow is already a well audited and protected system. Password is world readable.

Guardian1234 · ‎12-12-2012

I agree completely. When I questioned my coworker this AM (she was on the way out yesterday when it was mentioned), it became apparent that there was little UNIX savvy there, let alone ESXi savvy.

I explained that the shadow file was one of the basic 3 that are part and parcel to the PAM system natively used by ESXi and its existence is supported by pam_unix.so. All I got back was a "deer-in-the-headlights" look, which confirmed the non-savvy theory.

While alot of "cherry-pickers" looked at this post w/o replying, I appreciate your taking time to give a response, so... Josh26, the correct answer goes to you!

Thx again.

Tsjo · ‎12-12-2012

I haven't checked if it is, but as long pwconv and/or pwunconv exists on the system you can convert between shadow and passwd as much as you like.

It's not recommended but it's possible.

If you find this information useful, please award points for "correct" or "helpful".

Guardian1234 · ‎12-12-2012

Neither of those cmds appear to exist on ESXi 5.0.

They may have on earlier version of X, where there was a COS.

Thx.