Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

9. Testing and Monitoring > 9.1. Testing Login Passwords (John the Ripper)

9.1. Testing Login Passwords (John the Ripper)

Problem

You want to check that all login passwords in your system password database are strong.

Solution

Use John the Ripper, a password-cracking utility from the Openwall Project (http://www.openwall.com). After the software is installed, run:

# cd /var/lib/john
# umask 077
# unshadow /etc/passwd /etc/shadow > mypasswords
# john mypasswords

Cracked passwords will be written into the file john.pot. Cracked username/password pairs can be shown after the fact (or during cracking) with the -show option:

# john -show mypasswords

You can instruct john to crack the passwords of only certain users or groups with the options -users:u1,u2,... or -groups:g1,g2,..., e.g.:


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint