Date: Thu, 18 Dec 2003 09:15:12 -0600 From: "Micheal Patterson" <micheal@tsgincorporated.com> To: "Rhys John" <elite_bizkit@hotmail.com>, <freebsd-questions@freebsd.org> Subject: Re: master.passwd -- securing Message-ID: <5c8e01c3c579$bd737140$4df24243@tsgincorporated.com> References: <LAW10-F49DmiMzaABwu00044cd3@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Rhys John" <elite_bizkit@hotmail.com> To: <freebsd-questions@freebsd.org> Sent: Thursday, December 18, 2003 5:44 AM Subject: Re: master.passwd -- securing > Both accounts are now active but i would like to remove the encrypted > password from master.passwd and replace it with a *. Is this possible with > "vipw"? > > Thanks for your reply hugle In normal stand alone operation, no. It's not possible at all. There has to be a password hash local to the machine. Now, if you're configured to use another method of password storage as has been previously mentioned, that's a different story. Although, best practice would be to have at least one user account in wheel, and the root user with a valid login password. If you're worried about someone viewing the master.passwd file and obtaining the hash, don't. Only root, by default, can touch that file. If you have someone that has breeched the system to the point they're able to open that file, then the problem of them viewing the password hash is quite moot. -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5c8e01c3c579$bd737140$4df24243>