Brief Summary of Standard
Password Hashes on Unix and
Linux Systems 2014
RHEL and CentOS 6.5, OpenSUSE 13.1, Ubuntu 14.04, Oracle Linux 6.5,
FreeBSD 10, HP-UX 11i v3, Solaris 11
Dusan Baljevic
Sydney, Australia
Standard Password Hashes Unix and
Linux Systems – May 2014
The following information is based on current versions of
operating systems:
RHEL and CentOS 6.5
OpenSUSE 13.1
Ubuntu 14.04
Oracle Linux 6.5
FreeBSD 10
HP-UX 11i v3
Solaris 11
Standard Password Hash Example
Contrary to popular belief, the account password entries in /etc/shadow can have
more than three "$"-separators (hint: when one, for example, uses SHA-256 or
SHA-512 hashing and a non-default number of rounds).
On standard servers, three "$"-separated values in the second ":"-separated field
are part of the user entry in /etc/shadow:
someusr:$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.:0:99999:7:::
The string of interest for further discussion:
$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.
Inside Hashed Password String
What is inside the password string $5$Salt$Hash from the previous slide:
$5    SHA-256 hashing
Salt  "Y4HhzEPz"
Hash  "mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon."
The extra "$"-separated field can exist when a non-default number of rounds (see next
slide) is implemented. Then we have, for example, $6$Rounds$Salt$Hash:
$6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.
$6      SHA-512 hashing
Rounds  85000 times
Salt    "pA/kjrZS"
Hash    "wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi."
Rounds in Password Hashes
The security of existing hashing algorithms like MD5 can be increased.
It is done through a process known as "rounds" - a parameter associated with almost
every password hashing algorithm.
The process of increasing rounds is known as "Key Stretching": it makes a weak
password more resistant to brute-force attacks by increasing the time needed to
test each candidate key.
For example, rounds=85000 means the system must compute 85000 hashes every
time a user logs in. This imposes a restriction that an attacker has to compute 85000
hashes for each password they try against the hash in /etc/shadow. Therefore the
attacker will be delayed by a factor of 85000. Most modern computers will take less
than 1 second to compute 85000 hashes.
If there is no specification for the rounds option, the system will use the default value
for the given algorithm.
Examples of Valid Password Hashes on Linux Systems*
SHA-256 hashing:
$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.
SHA-512 hashing account with non-default rounds:
$6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.
SHA-512 hashing account:
$6$zgpfWfGc$ACfCZLTLeJzLhiC1gyO0Bj5JlD337zAW.L25FpYz07QalwRQJYAJ8AIFL69PxK2XwoDehTLzPT64AsrMUsL1o0
MD5 hashing account:
$1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//
Blowfish hashing account:
$2y$05$Z4taSkam70Vc9mMqtrAby25ixpstvJUf49gqzPtjhkscGgu4Zvd6c
Example of Password Hashes in Perl *
# Hash prefix (the first "$"-separated field) to algorithm name
my %PWHASHARR = (
    "1",  "hashing-algorithm=MD5",
    "2a", "hashing-algorithm=Blowfish",
    "5",  "hashing-algorithm=SHA-256",
    "6",  "hashing-algorithm=SHA-512",
);
Default string length (in characters) for the encrypted part of the password string (third
or fourth "$"-separated field of the password hash in /etc/shadow):
# Hash prefix to expected length of the encrypted part
my %PWLEN = (
    "1",  "22",
    "2a", "53",
    "5",  "43",
    "6",  "86",
);
If DES is used (strongly discouraged!) the length is 13 characters.
If, for example, SHA-512 is used, the encrypted part of the password is, by default, 86
characters long in /etc/shadow.
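The following Python parser is an added example; it is not part of the slides and not the author's Perl script. It takes the field layouts described in the "Inside Hashed Password String" slide and the %PWHASHARR / %PWLEN tables above, splits each of the five example strings into prefix, rounds, salt and hash, and then applies the length and character-set checks an audit script can run on every /etc/shadow entry. Three facts it relies on are not stated on the slides and are assumptions from the crypt(3) formats: the bcrypt ("$2a$"/"$2y$") cost field gives 2^cost rounds, sha-crypt ("$5$"/"$6$") defaults to 5000 rounds when no rounds= field is present, and salt and hash are encoded in the alphabet "./0-9A-Za-z". The SLIDE_HASHES dictionary only collects the example strings shown above.

```python
import re

# Test input: the example hash strings shown on the slides above
SLIDE_HASHES = {
    "sha256": "$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.",
    "sha512_rounds": "$6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/"
                     "cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.",
    "sha512": "$6$zgpfWfGc$ACfCZLTLeJzLhiC1gyO0Bj5JlD337zAW.L25FpYz07QalwRQJYAJ"
              "8AIFL69PxK2XwoDehTLzPT64AsrMUsL1o0",
    "md5": "$1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//",
    "bcrypt": "$2y$05$Z4taSkam70Vc9mMqtrAby25ixpstvJUf49gqzPtjhkscGgu4Zvd6c",
}

# Prefix -> algorithm (the slides' %PWHASHARR, plus "2y", the SUSE alias of "2a")
ALGORITHM = {"1": "MD5", "2a": "Blowfish", "2y": "Blowfish", "5": "SHA-256", "6": "SHA-512"}
# Prefix -> expected length of the encrypted part (the slides' %PWLEN table)
HASH_LEN = {"1": 22, "2a": 53, "2y": 53, "5": 43, "6": 86}
# Assumption: crypt(3) encodes salt and hash in the 64-character alphabet ./0-9A-Za-z
CRYPT_ALPHABET = re.compile(r"^[./0-9A-Za-z]+$")
# Assumption: sha-crypt uses 5000 rounds when the rounds= field is absent
SHA_CRYPT_DEFAULT_ROUNDS = 5000


def parse_shadow_hash(field):
    """Split the second ':'-separated field of /etc/shadow into its parts.

    Returns a dict with keys id, algorithm, rounds, salt, hash.
    """
    if not field.startswith("$"):
        # Legacy DES: no prefix, 2-character salt followed by an 11-character hash
        if len(field) != 13:
            raise ValueError("unrecognised hash format: %r" % field)
        return {"id": "", "algorithm": "DES", "rounds": None,
                "salt": field[:2], "hash": field[2:]}

    parts = field.split("$")[1:]  # drop the empty string before the leading "$"
    ident = parts[0]
    if ident not in ALGORITHM:
        raise ValueError("unknown hash prefix: $%s$" % ident)

    if ident in ("2a", "2y"):
        # bcrypt layout: $2y$<cost>$<22-char salt><31-char hash>; work factor is 2**cost
        if len(parts) != 3 or not parts[1].isdigit():
            raise ValueError("malformed Blowfish field")
        cost, body = int(parts[1]), parts[2]
        return {"id": ident, "algorithm": ALGORITHM[ident], "rounds": 2 ** cost,
                "salt": body[:22], "hash": body[22:]}

    rest = parts[1:]
    rounds = None  # MD5-crypt has no configurable rounds parameter
    if rest and rest[0].startswith("rounds="):
        rounds = int(rest[0][len("rounds="):])  # the optional extra "$"-field
        rest = rest[1:]
    elif ident in ("5", "6"):
        rounds = SHA_CRYPT_DEFAULT_ROUNDS
    if len(rest) != 2:
        raise ValueError("expected salt and hash, got %d fields" % len(rest))
    salt, digest = rest
    return {"id": ident, "algorithm": ALGORITHM[ident], "rounds": rounds,
            "salt": salt, "hash": digest}


def format_findings(field):
    """Format checks for one shadow hash field; an empty list means it looks well-formed."""
    if field == "" or field[0] in "!*":
        return ["no usable hash: account locked or password-less"]
    try:
        info = parse_shadow_hash(field)
    except ValueError as exc:
        return [str(exc)]
    if info["algorithm"] == "DES":
        return ["legacy DES hash (strongly discouraged)"]

    findings = []
    encoded = info["hash"]
    if info["id"] in ("2a", "2y"):
        encoded = info["salt"] + info["hash"]  # the slides count salt+hash (53) for Blowfish
    expected = HASH_LEN[info["id"]]
    if len(encoded) != expected:
        findings.append("hash part is %d chars, expected %d for %s"
                        % (len(encoded), expected, info["algorithm"]))
    if not CRYPT_ALPHABET.match(info["salt"] + info["hash"]):
        findings.append("characters outside the crypt alphabet ./0-9A-Za-z")
    return findings


if __name__ == "__main__":
    for name, value in SLIDE_HASHES.items():
        info = parse_shadow_hash(value)
        print(name, info["algorithm"], "rounds=%s" % info["rounds"],
              "salt=%s" % info["salt"], "findings=%s" % format_findings(value))
```

Note what these checks cannot do: a hash in which one character was replaced by another valid character (the experiment described under "Interesting Problem to Think About" below) keeps its length and stays inside the crypt alphabet, so a format check passes it. Detecting that kind of change needs an integrity baseline such as a comparison against a trusted copy of the file, which is what the slides go on to recommend.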
Linux Standard Hashes
In current Linux distributions, the following prefixes for hashes are standard:
"1" hashing-algorithm=BSD-MD5
"2a" hashing-algorithm=BSD-Blowfish
"2y" hashing-algorithm=BSD-Blowfish (SUSE)
"5" hashing-algorithm=SHA-256
"6" hashing-algorithm=SHA-512
"" hashing-algorithm=DES
"_" hashing-algorithm=Extended-BSDI-DES (SUSE)
FreeBSD Standard Hashes
In current FreeBSD 10 distributions, the following prefixes for
hashes are standard:
"1" hashing-algorithm=MD5
"2" hashing-algorithm=Blowfish
"3" hashing-algorithm=NT-Hash
"4" (unused)
"5" hashing-algorithm=SHA-256
"6" hashing-algorithm=SHA-512
The NT-hash scheme does not use a salt, and is easy to exploit.
Solaris 11 Standard Hashes
In current Solaris distributions, the following prefixes for
hashes are standard:
"1" hashing-algorithm=BSD-MD5
"2a" hashing-algorithm=Blowfish
"MD5" hashing-algorithm=SUN-MD5
"5" hashing-algorithm=SHA-256
"6" hashing-algorithm=SHA-512
"__unix__" hashing-algorithm=DES (deprecated)
AIX 7 Standard Hashes
In current AIX distributions, the following prefixes for hashes are
standard:
File /etc/security/login.cfg, attribute pwd_algorithm defines default
hash on AIX systems: crypt, which is the legacy crypt algorithm.
"crypt" hashing-algorithm=DES
It can be changed to an algorithm listed in /etc/security/pwdalg.cfg
file.
File /etc/security/pwdalg.cfg lists additional supported encryption
algorithms. For AIX 7 the additional supported algorithms are:
"smd5" hashing-algorithm=MD5
"ssha256" hashing-algorithm=SHA-256
HP-UX 11i v3 Standard Hashes
Default prefix for hash is:
"__unix__" hashing-algorithm=DES
HP-UX 11i v1 (11.11) and 11i v2 (11.23) do not support changing the
encryption algorithm. To support changing the encryption algorithm
on 11i v3 (11.31) systems, the Password Hash Infrastructure for HP-UX
11i v3 (PHI11i3) package must be installed (/etc/default/security,
entry CRYPT_DEFAULT - default value is "__unix__", the legacy
encryption algorithm). The only other supported prefix is "6", which
implements an algorithm based on SHA-512:
"6" hashing-algorithm=SHA-512
HP-UX 11i v3 SHA-512 Restrictions
• HP-UX PHI11i3 can be installed only on systems with passwords
stored in the /etc/shadow file.
• Supported with files, but not with other name service switch (nsswitch)
backends, such as NIS. To configure the system to use only files, ensure
that the passwd: line in /etc/nsswitch.conf contains only files.
• To use HP-UX PHI11i3 with SSH, you must install HP-UX Secure Shell
A.05.00.26 or later and set "UsePAM yes" in /etc/opt/ssh/sshd_config.
• To use the pcnfsd commands with HP-UX PHI11i3, you must install
ONCplus B.11.31.02 or later.
• Some third party applications may assume that password hashes are
DES-based only. These applications would not function correctly with
HP-UX PHI11i3.
Recommendations for Unix
The minimum recommended password hashing is SHA-512, if supported by
the operating system.
To change the password hashing type, edit the following files:
On FreeBSD edit /etc/login.conf
On AIX edit /etc/security/login.cfg
On Solaris edit /etc/security/policy.conf
On HP-UX 11i v3 (11.31) with Password Hash Infrastructure edit
/etc/default/security
Recommendations for Linux
The minimum recommended password hashing is SHA-512, if supported by
the operating system.
Depending on the Linux distribution, one of the following methods is used (check
the manuals for your distribution):
Run "authconfig --passalgo=sha512 --update"
Set "CRYPT=SHA512" in /etc/default/passwd
Modify the "password" line in /etc/pam.d/common-password
Set "ENCRYPT_METHOD SHA512" in /etc/login.defs
How to Change Number of Rounds on RHEL, Debian, Ubuntu Distributions
Edit /etc/pam.d/passwd (the entry is a single line):
password required pam_unix.so sha512 shadow nullok rounds=85000
How to Change Number of Rounds on SUSE Distributions
Edit /etc/default/passwd
CRYPT=SHA512
SHA512_CRYPT_FILES=85000
How to Change Number of Rounds on Solaris
Edit /etc/security/crypt.conf
md5 crypt_sunmd5.so.1 rounds=85000
6 crypt_sha512.so.1 rounds=23000
How to Change Number of Rounds on AIX
Edit /etc/security/pwdalg.cfg
sblowfish:
    lpa_module = /usr/lib/security/sblowfish
    lpa_options = cost_num=16
ssha256:
    lpa_module = /usr/lib/security/ssha
    lpa_options = algorithm=sha256,cost_num=9,salt_len=24
In the above case, when the Blowfish algorithm is used, the number of rounds is
2 ^ cost_num. For 65536 (2^16) rounds, specify cost_num=16.
The valid value of cost_num is an integer between 4 and 31, inclusive.
How to Change Number of Rounds on FreeBSD
Currently supported only through a patch that is not yet part of the
mainstream release.
It adds a string to /etc/login.conf that is the first part of the crypt
string to use, which also provides the number of rounds.
How to Change Number of Rounds on HP-UX
Not supported!
Interesting Problem to Think About – Part 1
To test security in its basic form, I modified the password hash by one character for
a user on an Ubuntu system. That made any future login session for the user invalid. I
then verified whether the standard tools detect any anomaly in the hash - they did not:
# passwd -Sa (or passwd -S username, depending on the Linux distribution)
# pwck -r
# aureport (default Auditd configuration)
Therefore, it is strongly recommended to use more comprehensive auditing and
host intrusion detection methods to prevent password file corruption or exploits.
For standard audits, the following link provides access to a Perl script that runs
various checks on Linux systems (similar can be used on other Unix-like O/S):
http://www.circlingcycle.com.au/Unix-sources/Linux-audit-account-password-hashing.pl.txt
Interesting Problem to Think About – Part 2
Here is an extract from the results of the Perl script that runs various checks on
Linux systems. In this specific case, a comparison between the shadow file and
its backup is executed:
http://www.circlingcycle.com.au/Unix-sources/Linux-audit-account-password-hashing.pl.txt
…
INFO: /etc/shadow differs from backup file /etc/shadow-
INFO: Offending entries in /etc/shadow
root:$6$T7rwPnT7$3aEtdWD04XnIDuJ00jOF/ORzywzIuVMAP/.pJMzM/Ke0G99IvMZ/5zJ/kDL2wgzMWNPpeobQYG0Re5FBCoCTb.:16188:0:99999:7
…
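As an added example (written for this page, not the author's Perl script), here is a Python version of the shadow-versus-backup comparison that produced the extract above. The two file contents are constructed inline: the hash strings are the ones shown on the slides, the day numbers in the third field are made up, and the reason strings are my own wording. One heuristic goes beyond a plain diff: a hash that changed while the last-change day stayed the same is flagged separately, on the assumption that passwd(1) rewrites both fields together whereas a direct edit of the file, like the one-character change in Part 1, typically touches only the hash.

```python
# Constructed sample contents of /etc/shadow and its backup /etc/shadow-.
# Hash strings are the ones shown on the slides; day numbers are made up.
SHADOW = """\
root:$6$T7rwPnT7$3aEtdWD04XnIDuJ00jOF/ORzywzIuVMAP/.pJMzM/Ke0G99IvMZ/5zJ/kDL2wgzMWNPpeobQYG0Re5FBCoCTb.:16188:0:99999:7:::
daemon:*:16100:0:99999:7:::
someusr:$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.:16188:0:99999:7:::
newusr:$6$zgpfWfGc$ACfCZLTLeJzLhiC1gyO0Bj5JlD337zAW.L25FpYz07QalwRQJYAJ8AIFL69PxK2XwoDehTLzPT64AsrMUsL1o0:16188:0:99999:7:::
"""

# Backup: root's hash differs in its last character but the last-change day is
# unchanged; someusr's password was changed normally (hash and day both differ);
# newusr did not exist yet.
SHADOW_BACKUP = """\
root:$6$T7rwPnT7$3aEtdWD04XnIDuJ00jOF/ORzywzIuVMAP/.pJMzM/Ke0G99IvMZ/5zJ/kDL2wgzMWNPpeobQYG0Re5FBCoCTa.:16188:0:99999:7:::
daemon:*:16100:0:99999:7:::
someusr:$1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//:16100:0:99999:7:::
"""


def parse_shadow(text):
    """Map user name -> hash field, last-change day and raw line for a shadow file."""
    entries = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 9:  # shadow(5) defines exactly nine ':'-separated fields
            raise ValueError("malformed shadow line for %r" % fields[0])
        entries[fields[0]] = {"hash": fields[1], "lastchg": fields[2], "raw": line}
    return entries


def compare_shadow(current_text, backup_text):
    """Return (user, reason) pairs for every entry that differs from the backup."""
    current, backup = parse_shadow(current_text), parse_shadow(backup_text)
    findings = []
    for user, entry in current.items():
        old = backup.get(user)
        if old is None:
            findings.append((user, "account not present in backup"))
        elif entry["hash"] != old["hash"]:
            if entry["lastchg"] == old["lastchg"]:
                # Assumption: passwd rewrites hash and day together, so a changed
                # hash with an unchanged day points at a direct edit of the file
                findings.append((user, "hash changed but last-change day unchanged: "
                                       "possible direct edit of the shadow file"))
            else:
                findings.append((user, "password changed since backup"))
    for user in backup:
        if user not in current:
            findings.append((user, "account removed since backup"))
    return findings


def shadow_report(current_text, backup_text,
                  current_path="/etc/shadow", backup_path="/etc/shadow-"):
    """Render the findings in the INFO: style of the slide extract."""
    findings = compare_shadow(current_text, backup_text)
    if not findings:
        return "INFO: %s matches backup file %s" % (current_path, backup_path)
    current = parse_shadow(current_text)
    lines = ["INFO: %s differs from backup file %s" % (current_path, backup_path),
             "INFO: Offending entries in %s" % current_path]
    for user, reason in findings:
        raw = current[user]["raw"] if user in current else "%s: (missing)" % user
        lines.append("%s    # %s" % (raw, reason))
    return "\n".join(lines)


if __name__ == "__main__":
    print(shadow_report(SHADOW, SHADOW_BACKUP))
```

To run it against a real system, read /etc/shadow and /etc/shadow- as root and pass their contents to shadow_report. On distributions where the shadow tools rewrite /etc/shadow- on every change, the backup only reflects the previous state, so a copy kept under separate integrity control is the better baseline.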
Future?
Many interesting projects are underway to improve security.
One of them is an open competition for password hashing
algorithms, using the successful model of the previous competitions
like AES, eSTREAM and SHA-3:
https://password-hashing.net/
Portfolio of "good algorithms" is to be obtained by mid-2015,
according to the provisional timeline.
The submissions must include the following desired functionality:
Ability to transform an existing hash to a different cost setting without
knowledge of the password
Thank You!
For other interesting summaries you are welcome to check
Slideshare, or my own website:
http://www.circlingcycle.com.au/
http://www.circlingcycle.com.au/Unix-sources/
http://www.circlingcycle.com.au/Unix-and-Linux-presentations/
Dusan Baljevic, May 2014

 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 

Último (20)

99.99% of Your Traces Are (Probably) Trash (SRECon NA 2024).pdf
99.99% of Your Traces  Are (Probably) Trash (SRECon NA 2024).pdf99.99% of Your Traces  Are (Probably) Trash (SRECon NA 2024).pdf
99.99% of Your Traces Are (Probably) Trash (SRECon NA 2024).pdf
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Valere | Digital Solutions & AI Transformation Portfolio | 2024
Valere | Digital Solutions & AI Transformation Portfolio | 2024Valere | Digital Solutions & AI Transformation Portfolio | 2024
Valere | Digital Solutions & AI Transformation Portfolio | 2024
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 

Brief summary-standard-password-hashes-Aix-FreeBSD-Linux-Solaris-HP-UX-May-2014-by-Dusan-Baljevic

1. Brief Summary of Standard Password Hashes on Unix and Linux Systems 2014

RHEL and CentOS 6.5, OpenSUSE 13.1, Ubuntu 14.04, Oracle Linux 6.5, FreeBSD 10, HP-UX 11i v3, Solaris 11

Dusan Baljevic, Sydney, Australia

2. Standard Password Hashes on Unix and Linux Systems - May 2014

The following information is based on current versions of these operating systems:

    RHEL and CentOS 6.5
    OpenSUSE 13.1
    Ubuntu 14.04
    Oracle Linux 6.5
    FreeBSD 10
    HP-UX 11i v3
    Solaris 11
3. Standard Password Hash Example

Contrary to popular belief, the password field in /etc/shadow can contain more than three "$"-separated values: for example, when SHA-256 or SHA-512 hashing is used with a non-default number of rounds.

On standard servers, the second ":"-separated field of a user entry in /etc/shadow holds three "$"-separated values (hash identifier, salt, hash):

    someusr:$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.:0:99999:7:::

The string of interest for further discussion:

    $5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.

4. Inside Hashed Password String

What is inside the password string $5$Salt$Hash from the previous slide:

    $5      SHA-256 hashing
    Salt    "Y4HhzEPz"
    Hash    "mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon."

The extra "$"-separated field exists when a non-default number of rounds (see next slide) is configured. Then we have, for example, $6$Rounds$Salt$Hash:

    $6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.

    $6      SHA-512 hashing
    Rounds  85000
    Salt    "pA/kjrZS"
    Hash    "wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi."

5. Rounds in Password Hashes

The work needed to compute a password hash can be increased through a parameter known as "rounds" (called "cost" in bcrypt), which most modern password hashing schemes accept. The sha256crypt and sha512crypt schemes take it as the rounds= field shown on the previous slide; the older md5crypt scheme has a fixed iteration count and no such parameter.

Increasing the rounds is a form of "key stretching": it makes a weak password more resistant to brute-force attacks by increasing the time needed to test each candidate password.

For example, rounds=85000 means the system performs 85000 hash iterations every time a user logs in. An attacker checking guesses against the hash in /etc/shadow has to perform the same 85000 iterations per guess, so compared with a single hash computation each guess is 85000 times slower (and 17 times slower than with the default of 5000 rounds). Most modern computers take well under 1 second to compute 85000 hashes, so the delay is barely noticeable at login, but it multiplies across the millions of guesses an attacker must make.

If the rounds option is not specified, the system uses the default value for the given algorithm (5000 for sha256crypt and sha512crypt).
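The trade-off on this slide (one login pays the rounds once, an attacker pays them for every guess) is easy to quantify on the host being configured. The following Python script is an added example, not part of the original deck: it measures how fast the machine can iterate SHA-512, which stands in for the per-round work of sha512crypt (an approximation, not a call into crypt(3)), and turns a target login delay into a rounds= value inside the 1000..999999999 range that glibc accepts. The 500x attacker multiplier used in the demo is an assumed figure for GPU hardware, not a measurement.

```python
import hashlib
import time

# Limits glibc enforces on the rounds= parameter of sha256crypt/sha512crypt;
# out-of-range values are silently clamped and the default is 5000.
ROUNDS_MIN = 1000
ROUNDS_MAX = 999_999_999
ROUNDS_DEFAULT = 5000


def measure_hash_rate(sample=200_000):
    """Approximate SHA-512 compressions per second on this host.

    sha512crypt hashes a short buffer once per round, so chaining
    hashlib.sha512 over a 64-byte value approximates the cost of one round.
    This is a stand-in measurement, not a call into crypt(3).
    """
    state = b"\x00" * 64
    start = time.perf_counter()
    for _ in range(sample):
        state = hashlib.sha512(state).digest()
    return sample / (time.perf_counter() - start)


def rounds_for_delay(hash_rate, target_seconds):
    """rounds= value that makes one verification cost about target_seconds at
    hash_rate hashes/second, clamped to the range crypt(3) accepts."""
    wanted = int(hash_rate * target_seconds)
    return max(ROUNDS_MIN, min(ROUNDS_MAX, wanted))


def login_delay(rounds, hash_rate):
    """Seconds one password verification takes at this rounds setting."""
    return rounds / hash_rate


def guesses_per_second(rounds, hash_rate, attacker_multiplier=1.0):
    """Guesses per second an attacker can test against a hash with this rounds
    setting.  attacker_multiplier scales the measured rate to the attacker's
    hardware (assumed figure; GPUs run SHA-512 far faster than one CPU core)."""
    return hash_rate * attacker_multiplier / rounds


if __name__ == "__main__":
    rate = measure_hash_rate()
    print(f"about {rate:,.0f} SHA-512 hashes/second on this host")
    for rounds in (ROUNDS_DEFAULT, 85_000, rounds_for_delay(rate, 0.25)):
        print(f"rounds={rounds:>9}: login delay {login_delay(rounds, rate) * 1000:8.1f} ms, "
              f"attacker with one comparable core {guesses_per_second(rounds, rate):,.0f} guesses/s, "
              f"with assumed 500x hardware {guesses_per_second(rounds, rate, 500):,.0f} guesses/s")
```

Take the measurement on the slowest machine that has to verify logins, not on a workstation, and expect to revisit the value: the attacker's rate grows with hardware while the delay a user will tolerate at login does not.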
6. Examples of Valid Password Hashes on Linux Systems *

SHA-256 hashing:

    $5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.

SHA-512 hashing, account with non-default rounds:

    $6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.

SHA-512 hashing:

    $6$zgpfWfGc$ACfCZLTLeJzLhiC1gyO0Bj5JlD337zAW.L25FpYz07QalwRQJYAJ8AIFL69PxK2XwoDehTLzPT64AsrMUsL1o0

MD5 hashing:

    $1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//

Blowfish (bcrypt) hashing:

    $2y$05$Z4taSkam70Vc9mMqtrAby25ixpstvJUf49gqzPtjhkscGgu4Zvd6c
7. Example of Password Hashes in Perl *

    use strict;
    use warnings;

    # Hash identifier (the value between the first two "$") => algorithm
    my %PWHASHARR = (
        "1",  "hashing-algorithm=MD5",
        "2a", "hashing-algorithm=Blowfish",
        "5",  "hashing-algorithm=SHA-256",
        "6",  "hashing-algorithm=SHA-512",
    );

    # Default length (in characters) of the encrypted part of the password
    # string: the third "$"-separated field of the hash in /etc/shadow, or the
    # fourth when a rounds=N field is present. For Blowfish the 22-character
    # salt and the 31-character hash are not separated by "$", hence 53.
    my %PWLEN = (
        "1",  "22",
        "2a", "53",
        "5",  "43",
        "6",  "86",
    );

If DES is used (strongly discouraged!) the encrypted string is 13 characters long (2-character salt followed by an 11-character hash) and carries no "$" identifier. If, for example, SHA-512 is used, the encrypted part of the password is, by default, 86 characters long in /etc/shadow.
8. Linux Standard Hashes

In current Linux distributions, the following hash prefixes are standard:

    "1"   hashing-algorithm=BSD-MD5
    "2a"  hashing-algorithm=BSD-Blowfish
    "2y"  hashing-algorithm=BSD-Blowfish (SUSE)
    "5"   hashing-algorithm=SHA-256
    "6"   hashing-algorithm=SHA-512
    ""    hashing-algorithm=DES (no prefix)
    "_"   hashing-algorithm=Extended-BSDI-DES (SUSE)
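The Perl tables on slide 7 and the prefix list on slide 8 together describe the layout of a crypt(3) string. The following Python parser is an added example, not the Perl script from this deck: it applies those rules to a single /etc/shadow password field, identifies the scheme, extracts rounds, salt and digest, supplies the default of 5000 rounds for $5$ and $6$ when no rounds= field is present, and reports the length, character-set and range problems an auditor would want flagged. It goes slightly beyond the slides by also recognising the $2b$ bcrypt prefix and the locked ("!", "*") and empty fields found in real shadow files. The example strings in the demo are the ones from slide 6.

```python
import re

# Hash identifier -> (algorithm, expected length of the digest field, default rounds).
# Lengths follow the table on slide 7: 22 for md5crypt, 43 for sha256crypt, 86 for
# sha512crypt.  bcrypt has no '$' between salt and digest, so its last field is
# 22 + 31 = 53 characters.  bcrypt and md5crypt have no rounds= field (None).
SCHEMES = {
    "1":  ("MD5 (md5crypt)",        22, None),
    "2":  ("Blowfish (bcrypt)",     53, None),
    "2a": ("Blowfish (bcrypt)",     53, None),
    "2b": ("Blowfish (bcrypt)",     53, None),
    "2y": ("Blowfish (bcrypt)",     53, None),
    "5":  ("SHA-256 (sha256crypt)", 43, 5000),
    "6":  ("SHA-512 (sha512crypt)", 86, 5000),
}
MAX_SALT_LEN = {"1": 8, "5": 16, "6": 16}           # crypt(3) truncates longer salts
SHA_ROUNDS_MIN, SHA_ROUNDS_MAX = 1000, 999_999_999  # glibc clamps out-of-range values
CRYPT_ALPHABET = re.compile(r"^[./0-9A-Za-z]+$")


def parse_crypt_hash(field):
    """Break a /etc/shadow password field into identifier, rounds, salt and digest.

    Returns a dict; status is 'hash', 'locked', 'empty' or 'invalid', and problems
    lists anything an auditor should look at (wrong length, odd characters, rounds).
    """
    r = {"scheme": None, "algorithm": None, "rounds": None, "salt": None,
         "digest": None, "status": "hash", "problems": []}

    if field == "":
        r["status"] = "empty"
        r["problems"].append("empty password field")
        return r
    if field[0] in "!*":                    # '!', '!!', '*' and '!$6$...' all mean locked
        r["status"] = "locked"
        return r
    if not field.startswith("$"):
        # Traditional DES crypt: 2-character salt followed by an 11-character digest.
        r["scheme"], r["algorithm"] = "", "DES (traditional crypt)"
        r["salt"], r["digest"] = field[:2], field[2:]
        if len(field) != 13 or not CRYPT_ALPHABET.match(field):
            r["status"] = "invalid"
            r["problems"].append("DES hash must be 13 characters from the crypt alphabet")
        return r

    parts = field.split("$")[1:]            # drop the empty element before the first '$'
    scheme, body = parts[0], parts[1:]
    if scheme not in SCHEMES:
        r["status"] = "invalid"
        r["problems"].append(f"unknown hash identifier ${scheme}$")
        return r
    algorithm, expected_len, default_rounds = SCHEMES[scheme]
    r["scheme"], r["algorithm"] = scheme, algorithm

    if scheme.startswith("2"):
        # bcrypt: $2y$<two-digit cost>$<22-char salt><31-char digest>; work factor 2**cost
        if len(body) != 2 or len(body[0]) != 2 or not body[0].isdigit():
            r["status"] = "invalid"
            r["problems"].append("bcrypt string must look like $2x$NN$<salt+digest>")
            return r
        r["rounds"] = 2 ** int(body[0])
        r["salt"], r["digest"] = body[1][:22], body[1][22:]
        last = body[1]
    else:
        if body and body[0].startswith("rounds="):
            value = body[0][len("rounds="):]
            if scheme == "1" or not value.isdigit():
                r["status"] = "invalid"
                r["problems"].append("rounds= is numeric and valid only for $5$ and $6$")
                return r
            r["rounds"] = int(value)
            if not SHA_ROUNDS_MIN <= r["rounds"] <= SHA_ROUNDS_MAX:
                r["problems"].append(f"rounds={value} outside {SHA_ROUNDS_MIN}..{SHA_ROUNDS_MAX}; crypt(3) clamps it")
            body = body[1:]
        else:
            r["rounds"] = default_rounds
        if len(body) != 2:
            r["status"] = "invalid"
            r["problems"].append("expected $id$[rounds=N$]salt$digest")
            return r
        r["salt"], r["digest"] = body
        last = body[1]
        if len(r["salt"]) > MAX_SALT_LEN[scheme]:
            r["problems"].append(f"salt longer than {MAX_SALT_LEN[scheme]} characters; crypt(3) truncates it")

    if len(last) != expected_len:
        r["problems"].append(f"digest field is {len(last)} characters, expected {expected_len}")
    if not CRYPT_ALPHABET.match(last) or not CRYPT_ALPHABET.match(r["salt"] or "."):
        r["problems"].append("characters outside the crypt alphabet [./0-9A-Za-z]")
    return r


if __name__ == "__main__":
    for example in (
        "$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.",
        "$6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.",
        "$1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//",
        "$2y$05$Z4taSkam70Vc9mMqtrAby25ixpstvJUf49gqzPtjhkscGgu4Zvd6c",
        "!!",
    ):
        info = parse_crypt_hash(example)
        print(f"{info['status']:8} {info['algorithm'] or '-':24} rounds={info['rounds']} "
              f"salt={info['salt']!r} problems={info['problems']}")
```

A field that parses cleanly is only syntactically plausible; whether the digest actually matches anything can only be established by recomputing it with crypt(3), which is what the one-character corruption experiment on slide 22 exploits.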
9. FreeBSD Standard Hashes

In current FreeBSD 10 distributions, the following hash prefixes are standard:

    "1"  hashing-algorithm=MD5
    "2"  hashing-algorithm=Blowfish
    "3"  hashing-algorithm=NT-Hash
    "4"  (unused)
    "5"  hashing-algorithm=SHA-256
    "6"  hashing-algorithm=SHA-512

The NT-Hash scheme (a single unsalted MD4 of the UTF-16 password) uses neither a salt nor iteration, so precomputed tables and very fast brute force apply to it; it exists for compatibility and should not be used for local accounts.

10. Solaris 11 Standard Hashes

In current Solaris distributions, the following hash prefixes are standard (the identifiers are those used in /etc/security/crypt.conf):

    "1"         hashing-algorithm=BSD-MD5
    "2a"        hashing-algorithm=Blowfish
    "md5"       hashing-algorithm=SUN-MD5
    "5"         hashing-algorithm=SHA-256
    "6"         hashing-algorithm=SHA-512
    "__unix__"  hashing-algorithm=DES (deprecated)
11. AIX 7 Standard Hashes

In current AIX distributions, the default hash is set by the pwd_algorithm attribute in /etc/security/login.cfg. The default is crypt, the legacy crypt algorithm:

    "crypt"  hashing-algorithm=DES

It can be changed to any algorithm listed in /etc/security/pwdalg.cfg, which defines the additional supported algorithms. For AIX 7 these include:

    "smd5"     hashing-algorithm=MD5
    "ssha256"  hashing-algorithm=SHA-256

12. HP-UX 11i v3 Standard Hashes

The default prefix is:

    "__unix__"  hashing-algorithm=DES

HP-UX 11i v1 (11.11) and 11i v2 (11.23) do not support changing the encryption algorithm. To change it on 11i v3 (11.31) systems, the Password Hash Infrastructure for HP-UX 11i v3 (PHI11i3) package must be installed; the algorithm is then selected by the CRYPT_DEFAULT entry in /etc/default/security, whose default value "__unix__" is the legacy DES algorithm.

The only other supported prefix is "6", which implements an algorithm based on SHA-512:

    "6"  hashing-algorithm=SHA-512

13. HP-UX 11i v3 SHA-512 Restrictions

• HP-UX PHI11i3 can be installed only on systems with passwords stored in the /etc/shadow file.
• It is supported with the files backend only, not with other name service switch backends such as NIS. To configure the system to use only files, ensure that the passwd: line in /etc/nsswitch.conf contains only files.
• To use HP-UX PHI11i3 with SSH, HP-UX Secure Shell A.05.00.26 or later must be installed, and "UsePAM yes" must be set in /etc/opt/ssh/sshd_config.
• To use the pcnfsd commands with HP-UX PHI11i3, ONCplus B.11.31.02 or later must be installed.
• Some third-party applications assume that password hashes are DES-based only. These applications will not function correctly with HP-UX PHI11i3.
14. Recommendations for Unix

The minimum recommended password hashing algorithm is SHA-512, where the operating system supports it.

To change the password hashing type, follow the examples below:

    On FreeBSD                edit /etc/login.conf
    On AIX                    edit /etc/security/login.cfg
    On Solaris                edit /etc/security/policy.conf
    On HP-UX 11i v3 (11.31)   edit /etc/default/security (requires the Password Hash Infrastructure)

15. Recommendations for Linux

The minimum recommended password hashing algorithm is SHA-512, where the operating system supports it.

Depending on the Linux distribution, one of the following methods is used (check the manuals for your distribution):

    Run "authconfig --passalgo=sha512 --update"                (RHEL, CentOS, Oracle Linux)
    Set "CRYPT=SHA512" in /etc/default/passwd                  (SUSE)
    Modify the "password" line in /etc/pam.d/common-password   (Debian, Ubuntu)
    Set "ENCRYPT_METHOD SHA512" in /etc/login.defs

Note that existing hashes are not converted: each account keeps its old hash until its password is next changed, so a policy change should be followed by forced password changes (for example "chage -d 0 username") and a check of /etc/shadow for remaining "$1$" or DES entries.
16. How to Change Number of Rounds on RHEL, Debian, Ubuntu Distributions

Edit /etc/pam.d/passwd (line wrapped for readability). On Debian and Ubuntu the pam_unix "password" line actually lives in /etc/pam.d/common-password, which /etc/pam.d/passwd includes; on RHEL 6 and derivatives it is in /etc/pam.d/system-auth and /etc/pam.d/password-auth:

    password required pam_unix.so sha512 shadow nullok rounds=85000

The nullok option permits accounts with an empty password field to log in; drop it unless that is intended.
17. How to Change Number of Rounds on SUSE Distributions

Edit /etc/default/passwd:

    CRYPT=SHA512
    SHA512_CRYPT_FILES=85000

18. How to Change Number of Rounds on Solaris

Edit /etc/security/crypt.conf:

    md5  crypt_sunmd5.so.1  rounds=85000
    6    crypt_sha512.so.1  rounds=23000
19. How to Change Number of Rounds on AIX

Edit /etc/security/pwdalg.cfg:

    sblowfish:
            lpa_module = /usr/lib/security/sblowfish
            lpa_options = cost_num=16

    ssha256:
            lpa_module = /usr/lib/security/ssha
            lpa_options = algorithm=sha256,cost_num=9,salt_len=24

When the Blowfish algorithm is used, the number of rounds is 2 ^ cost_num: for 65536 (2^16) rounds, specify cost_num=16. The valid value of cost_num is an integer between 4 and 31, inclusive.

20. How to Change Number of Rounds on FreeBSD

Currently supported only through a patch; not yet part of the mainstream release. The patch adds a string to /etc/login.conf giving the first part of the crypt string to use, which carries the number of rounds as well.

21. How to Change Number of Rounds on HP-UX

Not supported!
22. Interesting Problem to Think About - Part 1

To test security in its basic form, I modified the password hash of a user on an Ubuntu system by one character. That made every future login for that user fail, since the stored hash no longer matches any password. I then checked whether the standard tools detect any anomaly in the hash; they did not, because they validate field layout and account status rather than the hash content:

    # passwd -Sa   (or passwd -S username, depending on the Linux distribution)
    # pwck -r
    # aureport     (default auditd configuration)

Therefore it is strongly recommended to use more comprehensive auditing and host intrusion detection methods (file integrity monitoring of /etc/shadow, auditd watch rules on the file, comparison against a trusted copy) to detect password file corruption or tampering.

For standard audits, the following link provides a Perl script that runs various checks on Linux systems (similar checks can be used on other Unix-like operating systems):

    http://www.circlingcycle.com.au/Unix-sources/Linux-audit-account-password-hashing.pl.txt

23. Interesting Problem to Think About - Part 2

Here is an extract from the results of the Perl script that runs various checks on Linux systems. In this specific case the shadow file is compared with its backup:

    http://www.circlingcycle.com.au/Unix-sources/Linux-audit-account-password-hashing.pl.txt

    …
    INFO: /etc/shadow differs from backup file /etc/shadow-
    INFO: Offending entries in /etc/shadow
    root:$6$T7rwPnT7$3aEtdWD04XnIDuJ00jOF/ORzywzIuVMAP/.pJMzM/Ke0G99IvMZ/5zJ/kDL2wgzMWNPpeobQYG0Re5FBCoCTb.:16188:0:99999:7
    …
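The comparison on this slide (current /etc/shadow against the /etc/shadow- backup) is the kind of check that catches the one-character change described on the previous slide. The following Python is an added example, not the author's Perl script: it runs the same comparison over two constructed shadow files and, in addition, separates a legitimate password change (new salt, new digest) from tampering or corruption (same salt, different digest, which no passwd run produces), and reports lock-state and ageing-field changes. The sample entries reuse hash strings from this deck, with root's digest altered in its last character; they are constructed test data, not real accounts.

```python
# Field names of one /etc/shadow line, in order
SHADOW_FIELDS = ("name", "hash", "lastchg", "min", "max", "warn", "inactive", "expire", "reserved")

# Constructed sample data: the backup copy (/etc/shadow-) and the current file.
# Hash strings come from this deck.  In the current file root's digest has its
# last character changed from '.' to '/', someusr had a genuine password change
# (new salt, new digest), guest was locked, and backdoor is a new account.
BACKUP_SHADOW = """\
root:$6$T7rwPnT7$3aEtdWD04XnIDuJ00jOF/ORzywzIuVMAP/.pJMzM/Ke0G99IvMZ/5zJ/kDL2wgzMWNPpeobQYG0Re5FBCoCTb.:16188:0:99999:7:::
someusr:$5$Y4HhzEPz$mXSHm95E/4MQPp.3X4Km5R/ysct0WT45FzdX2mPkon.:16188:0:99999:7:::
guest:$1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//:16188:0:99999:7:::
daemon:*:16188:0:99999:7:::
"""
CURRENT_SHADOW = """\
root:$6$T7rwPnT7$3aEtdWD04XnIDuJ00jOF/ORzywzIuVMAP/.pJMzM/Ke0G99IvMZ/5zJ/kDL2wgzMWNPpeobQYG0Re5FBCoCTb/:16188:0:99999:7:::
someusr:$5$zgpfWfGc$ACfCZLTLeJzLhiC1gyO0Bj5JlD337zAW.L25FpYz07Q:16190:0:99999:7:::
guest:!$1$6tAaCsfx$E2amS8ko4ks1lxz7izSL//:16188:0:99999:7:::
daemon:*:16188:0:99999:7:::
backdoor:$6$rounds=85000$pA/kjrZS$wo0980kwEuE28ER6moiaHzuDqO/VZMoxfvbXK1i/cW2BdJjI8xH/1WgD7RH7UaxM1SDLYsPtPgiMF9orb1Iwi.:16190:0:99999:7:::
"""


def parse_shadow(text):
    """Return {user: [nine fields]} for the text of a shadow file."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != len(SHADOW_FIELDS):
            raise ValueError(f"line {lineno}: expected {len(SHADOW_FIELDS)} fields, got {len(fields)}")
        entries[fields[0]] = fields
    return entries


def split_salt(field):
    """(salt, digest) of a '$id$[rounds=N$]salt$digest' string.  DES, locked and
    empty fields have no separable salt and return (None, field)."""
    parts = field.split("$")
    if len(parts) >= 4 and parts[0] == "":
        return parts[-2], parts[-1]
    return None, field


def compare_shadow(current_text, backup_text):
    """List of (user, kind, detail) findings.

    kind: 'hash-tampered'  same salt, different digest (passwd always picks a
                           new salt, so this is corruption or tampering)
          'hash-changed'   different salt: consistent with a normal passwd run
          'lock-changed'   only the leading '!' differs
          'added' / 'removed' / 'field-changed' (password ageing fields)
    """
    current, backup = parse_shadow(current_text), parse_shadow(backup_text)
    findings = []
    for user in sorted(set(current) | set(backup)):
        if user not in backup:
            findings.append((user, "added", current[user][1]))
            continue
        if user not in current:
            findings.append((user, "removed", backup[user][1]))
            continue
        new, old = current[user], backup[user]
        if new[1] != old[1]:
            if new[1].lstrip("!") == old[1].lstrip("!"):
                findings.append((user, "lock-changed", "locked" if new[1].startswith("!") else "unlocked"))
            else:
                new_salt, new_digest = split_salt(new[1])
                old_salt, old_digest = split_salt(old[1])
                if new_salt is not None and new_salt == old_salt:
                    diffs = sum(a != b for a, b in zip(new_digest, old_digest))
                    diffs += abs(len(new_digest) - len(old_digest))
                    findings.append((user, "hash-tampered", f"salt unchanged, digest differs in {diffs} position(s)"))
                else:
                    findings.append((user, "hash-changed", "new salt: consistent with a password change"))
        for idx in range(2, len(SHADOW_FIELDS)):
            if new[idx] != old[idx]:
                findings.append((user, "field-changed", f"{SHADOW_FIELDS[idx]}: {old[idx]!r} -> {new[idx]!r}"))
    return findings


if __name__ == "__main__":
    for user, kind, detail in compare_shadow(CURRENT_SHADOW, BACKUP_SHADOW):
        print(f"{kind:14} {user:10} {detail}")
```

Compare against a copy you control (a hash or snapshot taken at a known-good time and stored off the host), not only against /etc/shadow-: anyone with the privileges needed to edit /etc/shadow can edit its backup in the same directory.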
24. Future?

Many interesting projects are underway to improve password security. One of them is the Password Hashing Competition, an open competition for password hashing algorithms modelled on the successful earlier competitions for AES, eSTREAM and SHA-3:

    https://password-hashing.net/

According to the provisional timeline, a portfolio of "good algorithms" is to be selected by mid-2015. Among the desirable features the call for submissions lists:

    Ability to transform an existing hash to a different cost setting without knowledge of the password

25. Thank You!

For other interesting summaries you are welcome to check SlideShare, or my own website:

    http://www.circlingcycle.com.au/
    http://www.circlingcycle.com.au/Unix-sources/
    http://www.circlingcycle.com.au/Unix-and-Linux-presentations/

Dusan Baljevic, May 2014

Editor's Notes

* Lines wrapped for readability
* Taken from Linux systems; string lengths apply to other operating systems too