Skip to Main Content
Linux Security Cookbook
book

Linux Security Cookbook

by Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
June 2003
Intermediate to advanced content levelIntermediate to advanced
336 pages
8h 54m
English
O'Reilly Media, Inc.
Content preview from Linux Security Cookbook

9.1. Testing Login Passwords (John the Ripper)

Problem

You want to check that all login passwords in your system password database are strong.

Solution

Use John the Ripper, a password-cracking utility from the Openwall Project (http://www.openwall.com). After the software is installed, run:

# cd /var/lib/john
# umask 077
# unshadow /etc/passwd /etc/shadow > mypasswords
# john mypasswords

Cracked passwords will be written into the file john.pot. Cracked username/password pairs can be shown after the fact (or during cracking) with the -show option:

# john -show mypasswords

You can instruct john to crack the passwords of only certain users or groups with the options -users:u1,u2,... or -groups:g1,g2,..., e.g.:

# john -users:smith,jones,akhmed mypasswords

Running john with no options will print usage information.

Discussion

SuSE distributes John the Ripper, but Red Hat does not. If you need it, download the software in source form for Unix from http://www.openwall.com/john, together with its signature, and check the signature before proceeding. [Recipe 7.15]

Unpack the source:

$ tar xvzpf john-*.tar.gz

Prepare to compile:

$ cd `ls -d john-* | head -1`/src
$ make

This will print out a list of targets for various systems; choose the appropriate one for your host, e.g.:

linux-x86-any-elf        Linux, x86, ELF binaries

and run make to build your desired target, e.g.:

$ make linux-x86-any-elf

Install the software, as root:

# cd ../run # mkdir -p /usr/local/sbin # umask 077 # cp -d john un* /usr/local/sbin # mkdir ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux Administration Cookbook

Linux Administration Cookbook

Adam K. Dean

Publisher Resources

ISBN: 0596003919Errata Page