给定一个 linux 用户名和密码，我如何测试它是否是有效帐户? [英] Given a linux username and a password how can I test if it is a valid account?

问题描述

所以我的问题很简单，给定一个 linux 用户名和密码，我如何测试它是否是一个有效帐户?

So my question is straight forward given a linux username and a password how can I test if it is a valid account?

推荐答案

您可以使用影子文件验证给定用户名的给定密码是否正确.

You can validate that a given password is correct for a given username using the shadow file.

在大多数现代发行版中，散列密码存储在影子文件/etc/shadow 中(只有 root 才能读取).以 root 身份，从给定用户的影子文件中提取该行，如下所示:

On most modern distributions, the hashed passwords are stored in the shadow file /etc/shadow (which is only readable by root). As root, pull the line from the shadow file for the given user like so:

cat /etc/shadow | grep username

你会看到这样的:

username:$1$TrOIigLp$PUHL00kS5UY3CMVaiC0/g0:15020:0:99999:7:::

用户名后面是 $1.这表明它是一个 MD5 散列.之后是另一个 $，然后(在这种情况下)TrOIigLp 后跟另一个 $.TrOIigLp 是盐.之后是散列密码，使用盐进行散列 - 在本例中为 PUHL00kS5UY3CMVaiC0/g0.

After the username there is $1. This indicates that it is an MD5 hash. After that there is another $, then (in this case) TrOIigLp followed by another $. TrOIigLp is the salt. After that is the hashed password, which was hashed using the salt - in this case PUHL00kS5UY3CMVaiC0/g0.

现在，您可以使用 openssl 使用相同的盐对给定密码进行哈希处理，如下所示:

Now, you can use openssl to hash the given password using the same salt, like so:

openssl passwd -1 -salt TrOIigLp

在提示时输入给定的密码，openssl 命令应该使用提供的 salt 计算 MD5 哈希，它应该与上述影子文件中的完全相同.上述命令中的 -1 用于 MD5 散列.

Enter the given password when prompted, the openssl command should compute the MD5 hash using the salt provided, and it should be exactly the same as the above from the shadow file. The -1 in the above command is for MD5 hashing.

这篇关于给定一个 linux 用户名和密码，我如何测试它是否是有效帐户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！