-1

Is there any way that an administrator could find out the password to another administrator or even non administrator's account?

I've made an oops and forgotten the password I used to use for a few of my machines. I don't want to reset from grub/recovery mode at every box, it would be more helpful to find out that password and keep using it for security reasons.

Worst case scenario I will reset the passwords, but this is not the question, I know how to do that. Yes or no is the format I would genuinely prefer.

Byte Commander
  • 107,489
Tmanok
  • 231
  • No. It would make no sense if one user (admin or not) could easily find paswords of other users. – mikewhatever Feb 09 '18 at 21:57
  • Related: https://askubuntu.com/q/383057/367990 – Byte Commander Feb 09 '18 at 22:20
  • Not entirely certain why I got downvoted but anyway yes it would defeat the purpose and technically yes you can decrypt a hash btw so long as you know it's derivation which seeing as linux is entirely opensource I don't see why not. Good news- passwords recalled! Getting too old for this stuff. – Tmanok Feb 13 '18 at 19:58

3 Answers3

1

No .. the password hash generation is a one way process. You can't reveres the hash to clear text password.

Soren A
  • 6,799
1

On Ubuntu, user passwords are not stored in a feasibly recoverable format, but as hashes.

To be more specific, they are salted and hashed using SHA-512, and the result is stored in /etc/shadow. On a running system, also only root may read this file, but of course if you mount the disk in a different system, it can be read by anyone.

Back to the hash, it's not really possible to reverse the hashing process and recover the original password from it. So against mathematical recovery, the passwords are safe.

However, one can "simply" brute-force it and try all possible passwords until one fits. Intelligent attackers would use dictionaries and try real words and common derivations of these first, as they have a higher probability to be used by humans. This will of course take some time, depending on computational power and length/complexity of the password. SHA512 is just a strong cryptographic hash though, but not a special password hash with extra large computation effort, like e.g. bcrypt or PBKDF2, so it's probably possible to find a rather short password within more or less reasonable time.

So no, you can not recover your password directly, but yes, if you spend enough time and computation power, you can just try until you find it.

Byte Commander
  • 107,489
  • Thank you Byte Commander, I appreciate the insight and yes I suppose it would make sense that a brute force would be quicker than de-hashing the key. SHA512 does have some limitations in SHA2 but I assume Ubuntu is up to date using SHA3 which hasn't been compromised by the public yet. https://en.wikipedia.org/wiki/SHA-2#Comparison_of_SHA_functions – Tmanok Feb 13 '18 at 20:02
0

No. Ubuntu uses a secure algorithm and a salt. This makes it near impossible to find the password, unless it's very weak. If you know the format of the password (e.g. aAaaa#111) it's more trivial to crack. Hashcat is the goto password cracker - but even that may take some significant time.

If another person has access to sudo on the machines, they can reset the password for you. sudo passwd username will change the password for username - without asking for the old password.

Community
  • 1
vidarlo
  • 22,691