SCO Unix, Xenix and ODT General FAQ

>How can I find out what a user's password is?

`

You can't, and you don't need to.

Have you lost or forgotten your Linux password? If so, this will help.. If it's not Linux, but some other Unix, the suggestions at Lost or Forgotten Root Password SCO Unix may help.

You can't because the password is not stored anywhere. What is stored is a "hash" created by using the "crypt" function on the password. You could use a password cracking program to find a password that would work, but that is not necessarily the same password the user was using; it's just a word that hashes the same way.

You don't need to because as root, you can login as that user without knowing their password. For example, say you need to login as "jim" but don't know the password. Just type:

 su - jim
 

And, of course, you can always change the user's passwd with:

 passwd jim
 

By the way, programs like "crack" or John the Ripper can't help you get a password for root if you've lost it- ordinarily, all encrypted passwords are stored in /etc/shadow- and that is NOT readable by an ordinary user. Typically, these programs guess passwords, but don't actually attempt to login because unsuccesful logins would trigger locking out the terminal. Instead, they hash their guess and compare it to the stored hash- but if you can't read /etc/shadow, you can't compare.

Got something to add? Send me email.