Migrating a RedHat users file to FreeBSD/OpenBSD


First, figure out if your Linux password file is shadowed or not. If it is, install John the Ripper from packages or ports (security/john) and use the unshadow utility that comes with it to merge your passwd and shadow files into one Sixth Edition-style file.

Using your Linux password file, we’ll call it linux_passwd, you need to add in ::0:0 between fields four and seven. awk(1) does this for you.

At this point, you want to edit the new_passwd file and remove the root and other system entries that are already present in your OpenBSD password file or aren’t applicable with OpenBSD (all of them). Also, make sure there are no duplicate usernames or user IDs between new_passwd and your OpenBSD box’s /etc/passwd. The easiest way to do this is to start with a fresh /etc/passwd

The last step, pwd_mkdb is necessary to rebuild the /etc/spwd.db and /etc/pwd.db files. It also creates a Sixth Edition-style password file (minus encrypted passwords) at /etc/passwd for programs which use it. OpenBSD uses a stronger encryption for passwords, blowfish, which is very unlikely to be found on any system which uses full Sixth Edition-style password files. To switch over to this stronger encryption, simply have the users run ‘passwd’ and change their password. The new password they enter will be encrypted with your default setting (usually blowfish unless you’ve edited /etc/login.conf). Or, as root, you can run passwd username.

Also you will want to copy over the groups file. note again, only copy over groups that do not exist in both.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">