9 - Migrating to OpenBSD
9.3 - Converting your Linux (or other Sixth Edition-style) 
password file to BSD-style
First, figure out if your Linux password file is shadowed or not. If it is, install 
John the Ripper
from 
packages or ports
 (
security/john
) and use the unshadow utility that comes with it to merge your 
passwd
and 
shadow
files into one Sixth Edition-style file. 
Using your Linux password file, we'll call it 
linux_passwd
, you need to add in ::0:0 between fields 
four and seven. 
awk(1)
 does this for you. 
# cat linux_passwd | awk -F : '{printf("%s:%s:%s:%s::0:0:%s:
%s:%s\n", \
> $1,$2,$3,$4,$5,$6,$7); }' > new_passwd
At this point, you want to edit the 
new_passwd
file and remove the root and other system entries that 
are already present in your OpenBSD password file or aren't applicable with OpenBSD (all of them). 
Also, make sure there are no duplicate usernames or user IDs between 
new_passwd
and your 
OpenBSD box's 
/etc/passwd
. The easiest way to do this is to start with a fresh 
/etc/passwd
. 
# cat new_passwd >> /etc/master.passwd
# pwd_mkdb -p /etc/master.passwd
The last step, 
pwd_mkdb
is necessary to rebuild the /etc/spwd.db and /etc/pwd.db files. It also creates a 
Sixth Edition-style password file (minus encrypted passwords) at /etc/passwd for programs which use it. 
OpenBSD uses a stronger encryption for passwords, blowfish, which is very unlikely to be found on any 
system which uses full Sixth Edition-style password files. To switch over to this stronger encryption, 
simply have the users run 'passwd' and change their password. The new password they enter will be 
encrypted with your default setting (usually blowfish unless you've edited /etc/login.conf). Or, as root, 
you can run 
passwd username
. 

Download 1.27 Mb.

Do'stlaringiz bilan baham: