From: Mike Meyer
Date: Wed, 7 Mar 2001 20:03:11 -0600
To: Christoph Sold
Cc: questions@freebsd.org
Subject: Re: A * as encrypted password?
Message-ID: <15014.59487.554524.618514@guru.mired.org>

Christoph Sold types:
> Walter Hop wrote:
> >
> > [in reply to so@server.i-clue.de, 07-03-2001]
> >
> > >> Can I put with vipw a * as password? Or do I have to do that when I create
> > >> it?
> > >
> > > Just create the user, using any password you like. After that, edit
> > > /etc/master.passwd, putting the "*" into the passwd field
> >
> > I believe just editing the master.passwd file without running pwd_mkdb(8)
> > has no effect. The vipw tool runs some checks and does this for you.
>
> Sorry to contradict Walter, but:

Likewise.

> The vipw tool encrypts the "*" to a valid passwd string, thus you may
> login using the passwd "*". Do as I said first and nobody will be able
> to login, because the string "*" will never match any encrypted passwd.

4.2-STABLE doesn't do this. Neither does any other Unix system I've dealt with.

> Try it: create test user, vipw his passwd to "*", log in using passwd
> "*". Next, vi /etc/master.passwd, changing the encrypted passwd to "*",
> try to login again.

Well, I did - and I can't log in using "*" after the first step. In fact, checking /etc/master.passwd shows the "*" in the password field, so it didn't encrypt it. If I then use passwd to set the password, /etc/passwd has a "*", but /etc/master.passwd has a long string of gibberish, and I can indeed log in using the new password.

http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
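The distinction discussed in this thread, as an added example that is not part of the original message: a Python sketch that reads master.passwd-format text and reports, per account, whether the password field is empty, shaped like a crypt(3) hash, or a literal such as "*" that no hash output can equal. The sample file, the status names and the hash-shape patterns are assumptions made for illustration.

```python
import re

# Heuristic shapes of crypt(3) output (assumption: traditional DES or the
# modular "$id$...$hash" form); anything else cannot equal a computed hash.
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")
MODULAR_RE = re.compile(r"^\$[0-9A-Za-z]+(\$[./0-9A-Za-z=,]+)+$")

FIELDS = ("name", "password", "uid", "gid", "class", "change",
          "expire", "gecos", "home", "shell")


def classify_password(field):
    """Say what a master.passwd password field means for password logins."""
    if field == "":
        return "empty"      # no password set at all
    if DES_RE.match(field) or MODULAR_RE.match(field):
        return "hashed"     # a typed password can hash to this value
    return "no-match"       # e.g. "*": no hash output can ever equal it


def audit_master_passwd(text):
    """Return [(name, status)] for each account line of master.passwd text."""
    results = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue        # blank lines and comments carry no account
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            raise ValueError(f"line {lineno}: expected {len(FIELDS)} fields")
        entry = dict(zip(FIELDS, parts))
        results.append((entry["name"], classify_password(entry["password"])))
    return results


# Constructed sample, not from a real system; the hash is a placeholder.
SAMPLE = """\
# constructed master.passwd excerpt
root:$1$constructed$0123456789abcdefghijkl:0:0::0:0:Charlie &:/root:/bin/csh
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
test:*:1001:1001::0:0:Test User:/home/test:/bin/sh
guest::1002:1002::0:0:Guest:/home/guest:/bin/sh
"""

if __name__ == "__main__":
    for name, status in audit_master_passwd(SAMPLE):
        print(f"{name:8} {status}")
```

Feed it master.passwd rather than /etc/passwd, which, as the message observes, shows "*" even for an account whose master.passwd entry holds a hash.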