SALT on LINUX
What is SALT?
A salt is usually added to the input of a password hashing algorithm (often loosely called encryption) to make the stored hash stronger.
For example:
We use MD5-hashed passwords in the /etc/shadow file, where each password is protected with an additional salt value that is randomly chosen by the password program.
E.g.: $1$caLZPGSJ$fNw6sNf1GFiZaKUxFih9h.
The structure of this hashed password is
$......$..............$...................
The text from the first $ to the second $ shows the type of hashing algorithm ($1$ here means MD5).
The text from the second $ to the third $ is the salt,
and the rest of the string is the hashed value.
So, by adding a random salt, we make the stored hash much stronger and more difficult to crack.
***********************************************************************************
TIP 1:-
How to force users to change their passwords upon first login?
1.) First, lock the account to prevent the user from logging in until the change has been made:
# usermod -L <username>
2.) Change the password expiration date to 0 to ensure the user changes the password during the next login:
# chage -d 0 <username>
3.) To unlock the account after the change, do the following:
# usermod -U <username>
This procedure requires the administrator's attention (to unlock the account) even after the user has changed his password.
Second method:
# usermod -p "" <username>
# chage -d 0 <username>
First assign an empty password string to the user, and then set the password expiry to 0. Note that the account has an empty password until the user logs in and sets a new one.
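The $id$salt$hash layout described above and the account states produced by the commands in TIP 1 (a leading "!" after usermod -L, an empty field after usermod -p "") can be checked with a small parser. This is an added example, not part of the original post; the function name parse_shadow_field and the sample user names are assumptions, and it goes beyond the page by also recognising the SHA-crypt, bcrypt and yescrypt prefixes.

```python
# Added example: classify /etc/shadow password fields.
SCHEMES = {"1": "MD5-crypt", "5": "SHA-256-crypt", "6": "SHA-512-crypt",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}
WEAK = {"1"}  # MD5-crypt is cheap to compute, so guessing is fast

def parse_shadow_field(field):
    """Describe the second (password) field of one /etc/shadow line."""
    info = {"locked": False, "state": "hash", "scheme": None,
            "params": None, "salt": None, "weak": False}
    if field.startswith("!"):      # usermod -L puts '!' in front of the hash
        info["locked"] = True
        field = field.lstrip("!")
    if field == "":                # usermod -p "" leaves the field empty
        info["state"] = "locked-no-hash" if info["locked"] else "empty"
        return info
    if not field.startswith("$"):  # '*' or a legacy/unknown format
        info["state"] = "no-login" if field == "*" else "legacy-or-unknown"
        return info
    parts = field.split("$")       # ['', id, salt-or-params, ...]
    if len(parts) < 4 or not parts[-1]:
        info["state"] = "malformed"
        return info
    ident, rest = parts[1], parts[2:]
    info["scheme"] = SCHEMES.get(ident, "unknown")
    info["weak"] = ident in WEAK
    if ident.startswith("2"):      # bcrypt: $2b$cost$<22-char salt><hash>
        info["params"], info["salt"] = rest[0], rest[1][:22]
    elif ident == "y" or rest[0].startswith("rounds="):
        info["params"], info["salt"] = rest[0], rest[1]
    else:                          # $id$salt$hash, the layout shown above
        info["salt"] = rest[0]
    return info

# Constructed sample fields; only the first hash comes from the page.
SAMPLES = {
    "alice": "$1$caLZPGSJ$fNw6sNf1GFiZaKUxFih9h.",
    "bob":   "!$1$caLZPGSJ$fNw6sNf1GFiZaKUxFih9h.",
    "carol": "",
    "daemon": "*",
    "dave":  "$6$rounds=5000$ConstructedSalt$ConstructedHashValue",
}

if __name__ == "__main__":
    for user, field in SAMPLES.items():
        print(user, parse_shadow_field(field))
```

Entries reported as "empty" or "weak" are the ones to follow up on: the first has no password at all, the second still uses MD5.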