On Wed, 2005-02-02 at 09:32 -0800, Tim Alberts wrote: > I'm running apache on a FC3 linux box. I'm trying to make user password > control more available. I know the passwd command to change user > passwords. My question is, if a user enters a password and they forget > it, how can they get the password back out of the system without just > re-entering a new one? > > Specifically, I'm using Linux-PAM with shadow passwords. I don't want > to give users root access. I'm really trying to create a cgi/bash > script that a user can enter their email address and it will email them > there password. Seems like a simple thing to do, but I haven't seen a > command to retreive a current user password from Linux-PAM/shadow > passwords. I could use a MySQL database to keep track of this stuff, > but I prefer to use the security that Linux already provides. Plus, > then I've got plain text passwords in a database or even if I encrypted > them in the database, I have the passwords in two places and then > there's the risk of them getting out of sink (however small a risk). > > I don't think you can "unsalt" the passwords. They are one way encrypted. To change a forgotten password requires root intervention. Bob...
