Oracle Database Administration Blog » how to find the password changed by http://www.bestremotedba.com Specially Created for Remote DBAs and Junior DBAs Fri, 30 Dec 2011 05:43:39 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 Who Changed the password – Unix – Linux http://www.bestremotedba.com/who-changed-the-password-unix-linux/ http://www.bestremotedba.com/who-changed-the-password-unix-linux/#comments Fri, 22 Jan 2010 02:57:16 +0000 mudhalvan http://www.bestremotedba.com/?p=510

How to find out who changed the password in Unix or Linux

We can check it in messages file in /var/log folder

Then Edit the file in those time and line and then before you will be able to know who logged into that server at what time from which IP address.

[root@TEST log]# pwd
/var/log
[root@TEST log]# cat messages |grep password
Jan 22 11:03:37 TEST passwd(pam_unix)[800]: password changed for oracle

]]> http://www.bestremotedba.com/who-changed-the-password-unix-linux/feed/ 0