How can we decrypt open source(Linux)?
Friday, June 19th, 2009 at
10:04
If Linux is open source any one can know where the password are stored and if they are encrypted any one can decrypt it using source code. I am only familiar with paragent.com . its an open source project and works well for our company.
Regards,
Bmora
Tagged with: Linux • open source project • source code
Filed under: Open Source
Like this post? Subscribe to my RSS feed and get loads more!
If you mean operating system passwords, you cannot decrypt them – doesn't matter if the OS is open source or not.
Unix and other systems including Windows, web sites, content management systems, databases etc do not store the passwords themselves. Instead, they calculate digest out of password and store that digest (in /etc/passwd or /etc/shadow file in case of Unix).
That encryption is one-way – you can't deduce original password from it. When user logs in, that digest is calculated again on the password they entered and compared against the stored one. If they match, the access is granted.
Having said that, certain systems do store encrypted password, for example, if they need to automatically log into other external systems (databases, OS shells, etc), but that is done differently in every case – that function is not standardized.