Date: Wed, 7 Mar 2001 20:03:11 -0600 From: Mike Meyer <mwm@mired.org> To: Christoph Sold <so@server.i-clue.de> Cc: questions@freebsd.org Subject: Re: A * as encrypted password? Message-ID: <15014.59487.554524.618514@guru.mired.org> In-Reply-To: <97017956@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
Christoph Sold <so@server.i-clue.de> types: > Walter Hop schrieb: > > > > [in reply to so@server.i-clue.de, 07-03-2001] > > > > >> Can I put with vipw a * as password? Or do I have to do that when I create > > >> it? > > > > > > Just make create the user, using any password you like. After that, edit > > > /etc/master.passwd, putting the "*" into the passwd field > > > > I believe just editing the master.passwd file without running pwd_mkdb(8) > > has no effect. The vipw tool runs some checks and does this for you. > > Sorry to condratict Walter, but: Likewise. > The vipw tool encrypts the "*" to a valid passwd string, thus you may > login using the passwd "*". Do as I said first and nobody will be able > to login, because the string "*" will never match any encrypted passwd. 4.2-STABLE doesn't do this. Neither does any other Unix system I've dealt with. > Try it: create test user, vipw his passwd to "*", log in using passwd > "*". Next, vi /etc/master.passwd, changing the encrypted passwd to "*", > try to login again. Well, I did - and I can't log in using "*" after the first step. In fact, checking /etc/master.passwd shows the "*" in the password field, so it didn't encrypt it. If I then use passwd to set the password, /etc/passwd has a "*", but /etc/master.passwd has a long string of gibberish, and I can indeed log in using the new password. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15014.59487.554524.618514>
