Radius_user_machin user password stored with MD5 on 8.4
2 years ago
Originally Published: 2020-07-10
Article Number
000056479
Applies To
RSA Product Set: RSA SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.4.0.x
 
Issue
- The Radius_user_<UniqueNumber> user password stored with MD5 hash in /etc/shadow on 8.4.0.x
Tasks
- View the Radius user password encryption
- Change the Radius password from MD5 to SHA512
 
Resolution
1- Login to the Primary server SSH as rsaadmin then switch to root 
login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am84p:~> sudo -i
[sudo] password for rsaadmin:

2- View the users password under /etc/shadow 
am84p:~ # cat /etc/shadow

root:*:16944::::::
bin:*:16944::::::
daemon:*:16944::::::
mail:*:16944::::::
man:*:16944::::::
wwwrun:*:16944::::::
nobody:*:16944::::::
messagebus:*:16944:0:99999:7:::
polkituser:*:16944:0:99999:7:::
haldaemon:*:16944:0:99999:7:::
vscan:*:16944:0:99999:7:::
sshd:*:16944:0:99999:7:::
ntp:*:16944:0:99999:7:::
rsaadmin:$6$pZ0exwUTHnQI$L69ojy25On2ptQTH5mOJfRVUrDEgkALgcANWAsuCH25W1hDYjE.NIcbyfmBD1GVu/T9Okje2yf1q.teEhqAlA.:18241:0:99999:7:::
Radius_user_cpy5jrhk:$1$wIF1rMOp$WYHqAUuB7CS6ha1y3Yuu/.:17274:0:99999:7:::
Note: The Radius_user_cpy5jrhk will have a different unique number in you deployment 

The password hash starting with $1 means that it's hashed with MD5, other hashing algorithms below.
- 1 -> MD5
- 2a -> Blowfish 
- 5 -> SHA-256 
- 6 -> SHA-512 

Related Articles

Trending Articles

Don't see what you're looking for?