LinuxϵͳÖеÄÓû§ÃÜÂë´æ´¢»úÖÆÆÊÎö
LinuxϵͳÖеÄÓû§ÃÜÂë´æ´¢»úÖÆÆÊÎö
ÔÚLinuxϵͳÖУ¬Óû§ÃÜÂëµÄ´æ´¢ÊǺÜÊÇÖ÷ÒªµÄÇå¾²»úÖÆÖ®Ò»¡£±¾ÎĽ«ÆÊÎöLinuxϵͳÖÐÓû§ÃÜÂëµÄ´æ´¢»úÖÆ£¬°üÀ¨ÃÜÂëµÄ¼ÓÃÜ´æ´¢¡¢ÃÜÂëµÄÑéÖ¤Àú³ÌÒÔ¼°ÔõÑùÇå¾²µØÖÎÀíÓû§ÃÜÂ롣ͬʱ£¬½«Í¨¹ýÏêϸµÄ´úÂëʾÀýչʾÃÜÂë´æ´¢µÄÏÖʵ²Ù×÷Àú³Ì¡£
Ò»¡¢ÃÜÂëµÄ¼ÓÃÜ´æ´¢
ÔÚLinuxϵͳÖУ¬Óû§ÃÜÂë²¢²»ÊÇÒÔÃ÷ÎĵÄÐÎʽ´æ´¢ÔÚϵͳÖУ¬¶øÊǾÓɼÓÃܺóÉúÑÄ¡£LinuxϵͳÖг£ÓõÄÃÜÂë¼ÓÃÜËã·¨ÊÇSHA-512£¨SHA-256Ò²¿ÉÒÔʹÓã©¡£ÔÚLinuxϵͳÖУ¬Óû§µÄÃÜÂë´æ´¢ÔÚ/etc/shadowÎļþÖУ¬¸ÃÎļþÖÐÉúÑÄÁËÓû§µÄÕ˺ÅÐÅÏ¢£¬°üÀ¨¼ÓÃܺóµÄÃÜÂë¡¢ÃÜÂëÓâÆÚʱ¼ä¡¢ÃÜÂë×îºóÐÞ¸Äʱ¼äµÈ¡£
ÏÂÃæÊÇÒ»¸öʾÀýµÄ/etc/shadowÎļþµÄÄÚÈÝ£º
root:$6$xld94ij$BW0RfSx9WLNAWia7D5PQwx/dNnhTgy8f3W6/vobqEmmhVUISZoL5EwrF8RTXA8xRztRGtUjLzxyBnUqVoJk7Z.:18474:0:99999:7::: user1:$6$du065TO$9v6.LU3F8JbLVQ7FEQEfkrQ.Zd8dxR.Vl5ohZ9uiXG4lF8k1OHkRTrqtzc5RpaC2mvM5KpIe7YH2zUL3MOUEO1:18474:0:99999:7:::
µÇ¼ºó¸´ÖÆ
ÆäÖУ¬µÚÒ»¸ö×Ö¶ÎÌåÏÖÓû§Ãû£¬µÚ¶þ¸ö×Ö¶ÎÊǼÓÃܺóµÄÃÜÂë¡£¿ÉÒÔ¿´µ½£¬ÃÜÂëÒѾ±»¼ÓÃܳÉÒ»¶ÎÂÒÂ룬ÕâÑù×ÝÈ»/etc/shadowÎļþ±»Ð¹Â¶£¬ºÚ¿ÍÒ²ºÜÄÑ»¹Ô³öÓû§µÄÃÜÂë¡£
¶þ¡¢ÃÜÂëµÄÑéÖ¤Àú³Ì
µ±Óû§µÇ¼ϵͳʱ£¬ÏµÍ³»áÑéÖ¤Óû§ÊäÈëµÄÃÜÂëÊÇ·ñ׼ȷ¡£ÑéÖ¤ÃÜÂëµÄÀú³ÌÏÖʵÉϾÍÊǽ«Óû§ÊäÈëµÄÃÜÂëƾ֤ÏàͬµÄ¼ÓÃÜËã·¨¾ÙÐмÓÃÜ£¬È»ºóºÍ/etc/shadowÎļþÖеÄÃÜÂë¾ÙÐбȶԡ£ÈôÊÇÁ½ÕßÒ»Ö£¬ÔòÑéÖ¤Àֳɣ¬ÔÊÐíÓû§µÇ¼£»²»È»Ñé֤ʧ°Ü£¬¾Ü¾øÓû§µÇ¼¡£
ÏÂÃæÊÇÒ»¸ö¼òÆÓµÄÃÜÂëÑéÖ¤µÄ´úÂëʾÀý£¬Ê¹ÓÃPython±àд£º
import crypt import getpass def validate_password(username, password): with open('/etc/shadow', 'r') as f: for line in f: if line.startswith(username + ':'): shadow_entry = line.split(':') encrypted_password = shadow_entry[1] salt = encrypted_password.split('$')[2] new_encrypted_password = crypt.crypt(password, '$6$' + salt + '$') if new_encrypted_password == encrypted_password: return True else: return False return False username = input("Enter username: ") password = getpass.getpass("Enter password: ") if validate_password(username, password): print("Password is correct. Logging in...") else: print("Password is incorrect. Please try again.")
µÇ¼ºó¸´ÖÆ
Èý¡¢Çå¾²µØÖÎÀíÓû§ÃÜÂë
ÖÎÀíÓû§ÃÜÂëÊÇÒ»¸öºÜÊÇÖ÷ÒªµÄÇå¾²ÎÊÌâ¡£Ê×ÏÈ£¬Ó¦¸Ã×èֹʹÓüòÆÓÃÜÂ룬ÍƼöʹÓðüÀ¨¾Þϸд×Öĸ¡¢Êý×ÖºÍÌØÊâ×Ö·ûµÄÖØ´óÃÜÂë¡£Æä´Î£¬°´ÆÚÐÞ¸ÄÃÜÂ룬×èֹʹÓÃͳһ¸öÃÜÂ볤ʱ¼äÎȹ̡£ÁíÍ⣬²»Ó¦¸Ã½«ÃÜÂëÃ÷ÎÄ´æ´¢ÔÚÈκεط½£¬°üÀ¨´úÂëÖС£
ÔÚLinuxϵͳÖУ¬ÖÎÀíÔ±¿ÉÒÔʹÓÃpasswdÏÂÁîÀ´ÐÞ¸ÄÓû§ÃÜÂ룬¸ÃÏÂÁî»á×Ô¶¯½«Óû§ÃÜÂë¼ÓÃܺó´æ´¢µ½/etc/shadowÎļþÖС£ÁíÍ⣬¿ÉÒÔʹÓÃһЩרÃŵÄÃÜÂëÖÎÀí¹¤¾ßÀ´×ÊÖúÖÎÀíÓû§µÄÃÜÂ룬ÈçKeePass¡¢LastPassµÈ¡£
×ܽ᣺
LinuxϵͳÖеÄÓû§ÃÜÂë´æ´¢»úÖÆÊǺÜÊÇÖ÷ÒªµÄÇå¾²»úÖÆ£¬Í¨¹ý¼ÓÃÜ´æ´¢ºÍÑÏ¿áµÄÑéÖ¤Àú³Ì£¬±£»¤ÁËÓû§ÃÜÂë²»±»ÈÝÒ×й¶¡£ÖÎÀíÔ±ÐèÒª°´ÆÚÉó²éÃÜÂëÕ½ÂÔ£¬È·±£Óû§ÃÜÂëµÄÇå¾²ÐÔ¡£Í¬Ê±£¬Óû§Ò²ÐèҪעÖØÃÜÂëµÄÇå¾²ÐÔ£¬×èֹʹÓüòÆÓÃÜÂëºÍ½«ÃÜÂëÃ÷ÎÄ´æ´¢ÔÚ²»Çå¾²µÄµØ·½¡£
ͨ¹ý±¾ÎĵÄÆÊÎöºÍ´úÂëʾÀý£¬Ï£Íû¶ÁÕ߶ÔLinuxϵͳÖÐÓû§ÃÜÂëµÄ´æ´¢»úÖÆÓиüÉîÈëµÄÏàʶ£¬ÒÔÌá¸ßϵͳµÄÇå¾²ÐÔ¡£
¡¾×ÖÊý£º798×Ö¡¿
ÒÔÉϾÍÊÇLinuxϵͳÖеÄÓû§ÃÜÂë´æ´¢»úÖÆÆÊÎöµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡