From owner-freebsd-questions@FreeBSD.ORG Mon Aug 25 14:21:41 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5684016A4D6 for ; Mon, 25 Aug 2003 14:21:41 -0700 (PDT) Received: from shrike.submonkey.net (pc3-cdif2-5-cust222.cdif.cable.ntl.com [81.101.152.222]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F8B943FDD for ; Mon, 25 Aug 2003 14:21:40 -0700 (PDT) (envelope-from setantae@submonkey.net) Received: from setantae by shrike.submonkey.net with local (Exim 4.20) id 19rOmQ-000Eeq-Sh; Mon, 25 Aug 2003 22:21:38 +0100 Date: Mon, 25 Aug 2003 22:21:38 +0100 From: Ceri Davies To: Charles Howse Message-ID: <20030825212138.GL2947@submonkey.net> References: <20030825205300.GK2947@submonkey.net> <002e01c36b4c$cfe78910$04fea8c0@moe> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Cqq5NadOW2RfLMJ/" Content-Disposition: inline In-Reply-To: <002e01c36b4c$cfe78910$04fea8c0@moe> User-Agent: Mutt/1.5.4i Sender: Ceri Davies cc: freebsd-questions@freebsd.org Subject: Re: Using chpass X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Aug 2003 21:21:41 -0000 --Cqq5NadOW2RfLMJ/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Aug 25, 2003 at 04:06:54PM -0500, Charles Howse wrote: > > > Can someone please set me straight? > >=20 > > chpass -a "toor::0:0::0:0:Nobody Important:/root:/sbin/nologin" toor >=20 > Ahaaa! The quotes! Thank you! Well, that, plus the fields for the change and expire times. > > Note, however, that you're setting the password for this user=20 > > to a null > > password, allowing any local user in wheel to "su -m toor" if you have > > added /sbin/nologin to /etc/shells. >=20 > Understood, if I wanted to keep the same password.....wait a > minute....what is the default password for toor? toor normally has a master.passwd entry of '*', meaning that password authentication will always fail. > If I wanted to insert a new password, I'd have to use crypt, and paste > the encrypted password into the proper field, correct? >=20 > Proper syntax? Crypt newpassword...? > I read the crypt/enigma man page and did: > # crypt newpassword > (Nothing............................................) > ^C > # crypt(1) is intended for obfuscating file contents really, not for generati= ng password hashes (for that, you'd want crypt(3)). The simplest way to do it would be to either copy the current hash from /etc/master.passwd, or originally use *, and then change it with passwd(1). You can generate password hashes with simple scripts, but that's slightly more involved than I want to go into at the moment (I'm cooking dinner!). Ceri --=20 User: DO YOU ACCEPT JESUS CHRIST AS YOUR PERSONAL LORD AND SAVIOR? Iniaes: Sure, I can accept all forms of payment. -- www.chatterboxchallenge.com --Cqq5NadOW2RfLMJ/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/Sn3iocfcwTS3JF8RAmj1AKC73YxIfSr4qcha9TmSny+70N5Z1ACgrtiJ cbBfzy4Ap5oVO3bJhFaF+tg= =Xbet -----END PGP SIGNATURE----- --Cqq5NadOW2RfLMJ/--