Subject: Re: Verify pwd.db file?
To: None <netbsd-users@netbsd.org>
From: Christos Zoulas <christos@astron.com>
List: netbsd-users
Date: 06/15/2007 19:41:05
In article <78a2305a0706150839s4cd5167bw61c21094275735b9@mail.gmail.com>,
Andy Ruhl <acruhl@gmail.com> wrote:
>On 6/15/07, Liam Foy <liamfoy@sepulcrum.org> wrote:
>> I don't understand what the huge benefit of having a feature like this
>> would actually be.
>
>To see if an attacker has installed a pwd.db file. I'm not sure if
>that's the most valuable thing to do, but it's something to check.
Well "/usr/bin/db -S b hash /etc/pwd.db" dumps it, and you can write some
awk/sort/ etc to format it in the password way. Or we can teach db about
different db formats :-)
christos