Backup and restore user passwords


As long as no other changes happen in /etc/shadow or /etc/passwd, this should work just fine. If a user is added, deleted or modified and then you restore an old version, there may be trouble. If you can guarantee that nobody will do any operations involving /etc/passwd or /etc/shadow it will be OK.

You can also edit /etc/shadow, copy the encrypted password somewhere safe, do your password change, and then when needed set the password back to what it was. That way you don't need to touch anything else.

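# Obtain the old password hash and save it in a file.
# The match is anchored so that only the line for exactly $USER is selected
# (a bare "grep $USER" would also match other accounts containing that string).
sudo grep "^$USER:" /etc/shadow | cut -f 2 -d ':' >/safe/encrypted-pass
# Here, change the password, do whatever you need, then..
sudo usermod -p "$(cat /safe/encrypted-pass)" "$USER"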

Note that the -p option to usermod "is not recommended because the password (or encrypted password) will be visible by users listing the processes." So it's up to you to decide if this is a risk that concerns you.

I prefer using commands to do this kind of manipulation, but you can accomplish the same thing manually with a simple text editor.
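An added example, not part of the original answer: the same backup and restore with an exact-match lookup of the account and a restore line meant to be piped to `chpasswd -e` (shadow-utils), which reads `user:hash` on stdin so the hash never appears in a process's command line. The function names and the sample shadow lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: function names and sample data are constructed.

# Print the password field for exactly one account from a shadow-format file.
# awk compares field 1 as a whole string, so "bob" never matches "bobby".
# Exits non-zero when the account is not present.
extract_hash() {  # extract_hash USER SHADOW_FILE
    awk -F: -v u="$1" '$1 == u { print $2; found = 1 } END { exit !found }' "$2"
}

# Save the hash to a file only the caller can read (umask 077 in a subshell).
save_hash() {  # save_hash USER SHADOW_FILE OUT_FILE
    ( umask 077; extract_hash "$1" "$2" > "$3" )
}

# Build the "user:hash" line that chpasswd -e reads on stdin.
# printf is a shell builtin, so the hash is not placed in any argv.
restore_line() {  # restore_line USER HASH_FILE
    printf '%s:%s\n' "$1" "$(cat "$2")"
}

# Constructed sample in shadow(5) layout; the hashes are fake placeholders.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/shadow" <<'EOF'
bobby:$6$saltA$FAKEHASHbobby:19000:0:99999:7:::
bob:$6$saltB$FAKEHASHbob:19000:0:99999:7:::
EOF
    save_hash bob "$dir/shadow" "$dir/bob.hash" || return 1
    restore_line bob "$dir/bob.hash"
    rm -rf "$dir"
}

demo
# On a real system, as root, the equivalent steps would be:
#   save_hash "$user" /etc/shadow /root/"$user".hash
#   passwd "$user"        # temporary password, do the work
#   restore_line "$user" /root/"$user".hash | chpasswd -e
```

Because only one account's field is rewritten, this also avoids the problem of restoring a stale copy of the whole file after other accounts have changed.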


Author: Captain Giraffe

Updated on September 18, 2022

Comments

  • Captain Giraffe over 1 year

    Is it possible to make a file copy to backup users password and then restore them by copying them back?

    It seems that the file in question is /etc/shadow as per http://en.wikipedia.org/wiki/Passwd#Shadow_file

    My intention is to temporarily change a user's password, sudo passwd user. The original password is unknown to me. I would then restore it to the original password by replacing the /etc/shadow file with the previous copy. I.e.

    sudo cp /etc/shadow /etc/shadow.backup
    sudo passwd user
    sudo cp /etc/shadow.backup /etc/shadow
    sudo rm /etc/shadow.backup
    

    Is this possible or will I ruin the account?

  • Captain Giraffe almost 10 years
    Thanks. The usermod ps listing will only be visible while ps is running, correct?
  • BlitZz almost 10 years
    Correct, so your window of vulnerability is very small.
  • Alexis Wilke over 4 years
    @CaptainGiraffe, it's not just ps; obviously the data is available to ps and thus to any tool that has the same capability. You can see the command line just using cat /proc/<pid>/cmdline. So it's not really that difficult to get the info if you're a good enough hacker. If you are the only one on that server at the time, though, it's 100% safe.