Question
I am trying to figure out where does Webmin store its passwords on a fedora machine ? Is it stored hashed ? or plain text and where ?
I have tried to search all the system files and Webmin but no luck !
Thanks in advance
Solution 3
By default Webmin is using /etc/shadow file for authentication.
In case Webmin is setup to use password authentication, on Webmin ⇾ Webmin Configuration: Edit Webmin User page, it will also store hashed passwords (i.e. in /etc/webmin/miniserv.users file) based on hashing format defined on Webmin ⇾ Webmin Configuration: Authentication page.
Either way, the passwords for authentication stored by Webmin are always hashed!
OTHER TIPS
Both the other answers are wrong, at least if the question is about the users of webmin itself. Default (Webmin 1.710) is to allow only webmin users to log in to webmin, with root as the initial only existing user, and shadow authentication for root only.
The webmin user database is stored in /etc/webmin/miniserv.users with traditional unix style contents.
I think it keeps a plaintext copy of the passwords in the /etc/webmin/virtual-server/plainpass dir.
https://stackoverflow.com/questions/19366396
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian