Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Aug 2003 22:21:38 +0100
From:      Ceri Davies <setantae@submonkey.net>
To:        Charles Howse <chowse@charter.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Using chpass
Message-ID:  <20030825212138.GL2947@submonkey.net>
In-Reply-To: <002e01c36b4c$cfe78910$04fea8c0@moe>
References:  <20030825205300.GK2947@submonkey.net> <002e01c36b4c$cfe78910$04fea8c0@moe>
next in thread | previous in thread | raw e-mail | index | archive | help 

--Cqq5NadOW2RfLMJ/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 25, 2003 at 04:06:54PM -0500, Charles Howse wrote:
> > > Can someone please set me straight?
> >=20
> > chpass -a "toor::0:0::0:0:Nobody Important:/root:/sbin/nologin" toor
>=20
> Ahaaa!  The quotes!  Thank you!

Well, that, plus the fields for the change and expire times.

> > Note, however, that you're setting the password for this user=20
> > to a null
> > password, allowing any local user in wheel to "su -m toor" if you have
> > added /sbin/nologin to /etc/shells.
>=20
> Understood, if I wanted to keep the same password.....wait a
> minute....what is the default password for toor?

toor normally has a master.passwd entry of '*', meaning that password
authentication will always fail.

> If I wanted to insert a new password, I'd have to use crypt, and paste
> the encrypted password into the proper field, correct?
>=20
> Proper syntax?  Crypt newpassword...?
> I read the crypt/enigma man page and did:
> # crypt newpassword
> (Nothing............................................)
> ^C
> #

crypt(1) is intended for obfuscating file contents really, not for generati=
ng
password hashes (for that, you'd want crypt(3)).

The simplest way to do it would be to either copy the current hash from
/etc/master.passwd, or originally use *, and then change it with passwd(1).

You can generate password hashes with simple scripts, but that's slightly
more involved than I want to go into at the moment (I'm cooking dinner!).

Ceri
--=20
User: DO YOU ACCEPT JESUS CHRIST AS YOUR PERSONAL LORD AND SAVIOR?
Iniaes: Sure, I can accept all forms of payment.
                                           -- www.chatterboxchallenge.com

--Cqq5NadOW2RfLMJ/
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/Sn3iocfcwTS3JF8RAmj1AKC73YxIfSr4qcha9TmSny+70N5Z1ACgrtiJ
cbBfzy4Ap5oVO3bJhFaF+tg=
=Xbet
-----END PGP SIGNATURE-----

--Cqq5NadOW2RfLMJ/--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030825212138.GL2947>