From owner-freebsd-questions@FreeBSD.ORG Thu Dec 18 09:41:18 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91B2E16A4EF for ; Thu, 18 Dec 2003 09:41:18 -0800 (PST) Received: from radicalv.com (secure.radicalv.com [216.118.91.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3552943D5F for ; Thu, 18 Dec 2003 09:39:35 -0800 (PST) (envelope-from ecrist@adtechintegrated.com) Received: (qmail 77755 invoked from network); 18 Dec 2003 17:39:29 -0000 Received: from unknown (HELO Nomad) (66.41.18.160) by mail.radicalv.com with SMTP; 18 Dec 2003 17:39:29 -0000 From: "Eric F Crist" To: "'Rhys John'" , Date: Thu, 18 Dec 2003 11:39:18 -0600 Message-ID: <007d01c3c58d$dd91db10$6401a8c0@Nomad> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: RE: master.passwd -- securing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Dec 2003 17:41:18 -0000 Why do you want to do this? master.passwd already is inherantly secure. The /etc/passwd file is what's used by most programs, and master.passwd only for login purposes. You have to have the password stored somewhere or there can be no authentication, unless you go with some sort of hardware credential. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Rhys John Sent: Thursday, December 18, 2003 5:44 AM To: freebsd-questions@freebsd.org Subject: Re: master.passwd -- securing Both accounts are now active but i would like to remove the encrypted password from master.passwd and replace it with a *. Is this possible with "vipw"? Thanks for your reply hugle >From: hugle >Reply-To: hugle >To: freebsd-questions@freebsd.org >Subject: Re: master.passwd -- securing >Date: Thu, 18 Dec 2003 03:39:18 -0800 > >RJ> Ive been playing with "vipw" trying to change passwords into "*" >RJ> for a slightly higher level of security but ran into some very big >RJ> problems. >From >RJ> reading through the FreeBSD handbook it seemed all i had to do was >replace >RJ> the encrypted password with *, which is what i did. I thought it >RJ> seemed >a >RJ> bit odd but continued anyway. Foolishly (although i was quite >RJ> tired) i >did >RJ> this to both my user account and root. So they both had * as their >password >RJ> and looked the same as every other entry in the file. I saved it >RJ> and >"vipw" >RJ> updated the database so i thought all was well and logged off to >check... >RJ> big mistake! The net result of this was not good, i couldnt access >RJ> my >user >RJ> account or root :( Anyway i had to cut the power to my PC since i >couldnt >RJ> shut it down because i was locked out. After that i went into >RJ> single >user >RJ> mode and changed the passwords back and its working now but i cant >RJ> hide >the >RJ> passwords. So i guess after all this rambling my question is how to >RJ> i >secure >RJ> the password file? How do i change from the encrypted password to * >without >RJ> screwing over my system? Any help would by much appreciated > >try doing that: >#Forget your root pw? >1. Reboot. when you see the "boot" prompt, type boot -s and hit enter >2. run this command: fsck -p / && mount -u / 3. use the `passwd` >command to set a password for root 4. reboot, done > >hope that helps.. > > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"freebsd-questions-unsubscribe@freebsd.org" _________________________________________________________________ Find a cheaper internet access deal - choose one to suit you. http://www.msn.co.uk/internetaccess _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"