From the course: LPIC-1 Exam 102 (Version 5.0) Cert Prep
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Awareness of shadow passwords - Linux Tutorial
From the course: LPIC-1 Exam 102 (Version 5.0) Cert Prep
Awareness of shadow passwords
- [Instructor] In most systems passwords are encoded using a one way hash such as MD5 or SHA. A hash function takes a string of characters of any length as input and produces an encoded string of characters a fixed length, which acts as a kind of signature for the data provided. One way hashes are not reversible and as such, you cannot get the plain text from the hash. Note that for these slides, I've used an MD5 hash due to its shorter length. Most modern Linux systems use a much longer and more secure SHA512 hash even though a one way hash cannot be reversed, it can be cracked by taking words from a dictionary one at a time, hashing them and comparing the output to the hashed password to see if they match. Linux has additional protection against dictionary attacks called a salt. A salt is a set of random characters that are appended to the password before it's hashed. The salt is stored in the password files with the…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.