jump to content
Snippets and tips
  1. Home
  2. Holiday
  3. Posts
  4. Tools
  5. Tags
  6. Categories
  1. Hei and welcome
  2. Posts
  3. Simple Passwords

Simple Passwords

how to change passwords to weak ones

Simple hack to add weak passwords to the system.

Disclaimer #

This is a hack one should only employ for private servers, not for machines containing sensible materials.

The password store #

The passwords are stored in an encrypted form in /etc/shadow. Normally, this file is quite access restricted, not giving read access to everybody. Passwords and general security is managed by PAM, the Pluggable Authentication Modules which might prevent the change of passwords due to minimal password requirements. (see /etc/security/passwdqc.conf)

The usual tool to deal with passwords is the program passwd. That one allows users to change their passwords but is subjected to the PAM-rules. A different one is chpasswd, which often is employed in scripts.

OpenSSL to the rescue #

The OpenSSL suite comes with the subtool openssl passwd which allows one to specify the algorithm. Moreover, it is not subjected to the PAM-rules and can create weak entries. The output generated by this tool can be added to /etc/shadow using an editor.