Re: Shadow password files

[Chuck Yerkes <chuck+obsd_(_at_)_2003_(_dot_)_snew_(_dot_)_com>]

Quoting Marco Peereboom (slash_(_at_)_peereboom_(_dot_)_us):
> > -----Original Message-----
> > Subject: Shadow password files
> > I am working on implementing smtp-auth patch on my qmail 
> > server running OpenBSD 3.1.  I am currently having 
> > difficulties with authentication. 
> I use postfix with the SASL2 auth daemon with the getpwent
> authentication mechanism. Works pretty well but I don't think it is the
> most secure option. Kerberos would arguably be a better alternative
> 
> /marco
> Ps: this is pre coffee and might contain some uncaffeinated opinions...

I use a different database for SMTP auth because, in theory,
that password might be transited in the clear.  Might.  So
I just use a "mail sending password" that's not my main one.

Note also that, last I looked, DJB does not endorse or approve of
these extra modules to qmail - including SMTP/TLS and SMTP-AUTH
modules.  He's not terribly shy or diplomatic in his disapproval
of these.

...
> > lead to believe that the shadow file is simply the 
> > /etc/passwd file that is generated from the master.passwd 
> > file right?  The current permissions are 644.  So my 2 part 
> > question is
> > this:
> > 
> > 1 Did I learn correctly that the passwd file is the "shadow 
> > password" file.

diff /etc/passwd /etc/master.passwd

Aren't the same, are they?

The second chunk of verbiage you get forom "man master.passwd" or
"man passwd" kind of explains it.  No food pellet for you because
you didn't do basic homework.