So I found this article which said:
$ sudo -u postgres psql
postgres=> alter user postgres password 'apassword';
postgres=> create user "your-user" createdb createuser password 'passwd';
postgres=> create database "your-db-name" owner "your-user";
Note: to enable password logins for the ‘postgres’ admin account, edit: /etc/postgresql/9.4/main/pg_hba.conf and after this line:
local all postgres peer
Add this line:
local all postgres md5
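PostgreSQL authenticates a connection with the first pg_hba.conf record that matches it and does not fall through to later records, so where the md5 line sits relative to the peer line decides which method is used. The following Python code is an added example (not from the quoted article or from PostgreSQL) that models this for `local` records only; the function names and the two sample files are constructed for illustration.

```python
# Added example: a simplified model of pg_hba.conf record selection.
# Assumption: only four-field "local" records (type, database, user, method);
# host records, include directives and role-group syntax are out of scope.

def parse_hba(text):
    """Return (line_no, database, user, method) for each 'local' record."""
    records = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if fields[0] == "local" and len(fields) >= 4:
            records.append((line_no, fields[1], fields[2], fields[3]))
    return records

def _matches(pattern, value):
    # A field is either "all" or a comma-separated list of names.
    return pattern == "all" or value in pattern.split(",")

def effective_method(records, database, user):
    """First matching record wins; later matching records are never tried."""
    for line_no, db, usr, method in records:
        if _matches(db, database) and _matches(usr, user):
            return line_no, method
    return None  # no record matches: the connection is rejected

def shadowed(records, database, user):
    """Records that also match this connection but can never be reached."""
    hits = [(n, m) for n, d, u, m in records
            if _matches(d, database) and _matches(u, user)]
    return hits[1:]

# Constructed sample files built from the two lines quoted in the post.
MD5_AFTER_PEER = """\
local   all   postgres   peer
local   all   postgres   md5
local   all   all        peer
"""
MD5_BEFORE_PEER = """\
local   all   postgres   md5
local   all   postgres   peer
local   all   all        peer
"""

if __name__ == "__main__":
    for name, text in (("md5 after peer", MD5_AFTER_PEER),
                       ("md5 before peer", MD5_BEFORE_PEER)):
        recs = parse_hba(text)
        print(name, effective_method(recs, "postgres", "postgres"),
              "shadowed:", shadowed(recs, "postgres", "postgres"))
```

Running the same check against a copy of the real file before restarting PostgreSQL shows which record actually governs the 'postgres' account.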
See How to Disable Password Authentication for SSH.
Then restart the SSH server:
service sshd restart
To change a user’s Kerberos password (on charity):
sudo kadmin -p root -w `cat /home/jj5/kadmin_root_pass` -q 'cpw eguser'
Where ‘eguser’ is the username of the account being changed.
Found an interesting article: About Secure Password Hashing.
Today I read Salted Password Hashing – Doing it Right which was a good run-down on how to do password hashing. The article linked to phpass: Portable PHP password hashing framework which is a library for hashing passwords.
Needed to set a MySQL root password. Found this article which suggested a way when no password is yet configured:
mysqladmin -u root password NEWPASSWORD
And a way when a password is already configured:
mysqladmin -u root -p'oldpassword' password newpass
Note: you use ‘mysqladmin’ not ‘mysql’.
I read Password Primer today:
- Use at least 8-10 characters.
- Interchange upper and lower case letters with numbers and symbols.
- Consider a “Passphrase” like “Every good band deserves fans”: “!eGbAdfns2”
- Change your password every 6 to 8 months and immediately if you believe it’s been compromised.
- NEVER share your password with anyone you don’t trust – some would say never share your password PERIOD.
- Don’t write your password(s) on sticky notes and then post them to your monitor!
- Avoid using the same passwords for all of your accounts.
- Never send your password to someone in an e-mail.
- Don’t use the “Remember Password” option in browsers or websites.
- NEVER make your login and your password the same thing.
Learned about the chage command today. Can be used to set the expiry of a Linux account. There’s some more information about disabling user accounts.
I was looking for a good overview article that explained the process of password hashing and I found Password Encryption, Hashing, Salting Explained which was a pretty good run down.
On a related note I reread the Wikipedia page on HMAC.