Question

I am trying to figure out where does Webmin store its passwords on a fedora machine ? Is it stored hashed ? or plain text and where ?

I have tried to search all the system files and Webmin but no luck !

Thanks in advance

Était-ce utile?

La solution 3

By default Webmin is using /etc/shadow file for authentication.

In case Webmin is setup to use password authentication, on Webmin ⇾ Webmin Configuration: Edit Webmin User page, it will also store hashed passwords (i.e. in /etc/webmin/miniserv.users file) based on hashing format defined on Webmin ⇾ Webmin Configuration: Authentication page.

Either way, the passwords for authentication stored by Webmin are always hashed!

Autres conseils

Both the other answers are wrong, at least if the question is about the users of webmin itself. Default (Webmin 1.710) is to allow only webmin users to log in to webmin, with root as the initial only existing user, and shadow authentication for root only.

The webmin user database is stored in /etc/webmin/miniserv.users with traditional unix style contents.

I think it keeps a plaintext copy of the passwords in the /etc/webmin/virtual-server/plainpass dir.

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top