We know that users' passwords are saved in /etc/passwd, but in an encrypted way, so even the root can't see them:
jane:x:501:501::/home/jane:/bin/bash
fred:x:502:502::/home/fred:/bin/bash
As shown above, :x: represents the password.
Is there a way (possible configuration) to save the password in the /etc/passwd in clear text and such that the root can see them?
Best Answer
The other two answers have told you—correctly!—that this is a Bad Idea™. But they've also told you its hard to do, requiring changing a bunch of programs.
That's not true. It's very easy. You only need to change one or two configuration files. I feel its important to point this out, because you should be aware of it when logging into systems you don't control. These won't actually put a plain-text password in
/etc/passwdor/etc/shadow, it'll go into a different file. Note I haven't tested these, as I'd rather not have my password in plain text.Edit
/etc/pam.d/common-password(to catch on password changed) or/etc/pam.d/common-auth(to catch on login) and add in… pam_exec expose_authtok log=/root/passwords /bin/catEdit both of those, and switch from pam_unix to pam_userdb with
crypt=none. Alternatively, you could put it only in common-password (leaving pam_unix as well) to just record passwords when they're changed.You could remove the
shadow(as well as any strong hash options) option from pam_unix to disable the shadow file, and go back to traditional crypt passwords. Not plain text, but John the Ripper will fix that for you.For further details, check the PAM System Admin Guide.
You could also edit the source code of PAM, or write your own module. You'd only need to compile PAM (or your module), nothing else.