someone save my ass prob with root passwd
hi all, i've been experimenting with suse on one of my friends machines. at one point i disabled the root passwd by deleting the x in the /etc/passwd file. after this i logged out and tried logging in as root. it was logging me in without me for any passwd. now i wanted to put a new passwd for root. so i gave the following commands. $passwd prompt for new passwd : <new passwd> prompt to retype : <new passwd> then it says 'passwd changed' i expected the new passwd to be operational. to check i again logged out and tried logging in as root. but it didn't prompt me for a passwd, but directly logged me in. i checked the /etc/passwd file, but there was no x for the root though i gave a new passwd. am missing something in the process of changing the passwd. i situation is very serious coz my friend is really freaked that the root is not protected. she already had her machine hacked once. obviously there's hella lot of pressure on me to get it straight. someone help. bye. chaitanya. __________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Chaitanya Krishna A wrote:
hi all,
i've been experimenting with suse on one of my friends machines.
at one point i disabled the root passwd by deleting the x in the /etc/passwd file. after this i logged out and tried logging in as root. it was logging me in without me for any passwd. now i wanted to put a new passwd for root. so i gave the following commands.
$passwd prompt for new passwd : <new passwd> prompt to retype : <new passwd> then it says 'passwd changed'
i expected the new passwd to be operational. to check i again logged out and tried logging in as root. but it didn't prompt me for a passwd, but directly logged me in. i checked the /etc/passwd file, but there was no x for the root though i gave a new passwd. am missing something in the process of changing the passwd.
i situation is very serious coz my friend is really freaked that the root is not protected. she already had her machine hacked once. obviously there's hella lot of pressure on me to get it straight. someone help.
bye. chaitanya.
Did you try SuSEconfig and/or Yast(check security settings etc)? Which version of SuSE? Of course I am not going to ask about why you were experimenting on a friends machine... Matt
On 19.03.05,01:05, Chaitanya Krishna A wrote:
hi all,
i've been experimenting with suse on one of my friends machines.
at one point i disabled the root passwd by deleting the x in the /etc/passwd file. after this i logged out and tried logging in as root. it was logging me in without me for any passwd. now i wanted to put a new passwd for root. so i gave the following commands.
$passwd prompt for new passwd : <new passwd> prompt to retype : <new passwd> then it says 'passwd changed'
i expected the new passwd to be operational. to check i again logged out and tried logging in as root. but it didn't prompt me for a passwd, but directly logged me in. i checked the /etc/passwd file, but there was no x for the root though i gave a new passwd. am missing something in the process of changing the passwd.
i situation is very serious coz my friend is really freaked that the root is not protected. she already had her machine hacked once. obviously there's hella lot of pressure on me to get it straight. someone help.
bye.
Try to set password again with: 'passwd -e' ? - Jostein
chaitanya.
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
--
Jostein Berntsen
On Saturday 19 March 2005 10:05, Chaitanya Krishna A wrote:
hi all,
i've been experimenting with suse on one of my friends machines.
at one point i disabled the root passwd by deleting the x in the /etc/passwd file. after this i logged out and tried logging in as root. it was logging me in without me for any passwd. now i wanted to put a new passwd for root. so i gave the following commands.
$passwd prompt for new passwd : <new passwd> prompt to retype : <new passwd> then it says 'passwd changed'
The password went to /etc/shadow, BTW.
i expected the new passwd to be operational.
The 'x' has a special meaning...
to check i again logged out and tried logging in as root. but it didn't prompt me for a passwd, but directly logged me in. i checked the /etc/passwd file, but there was no x for the root though i gave a new passwd. am missing something in the process of changing the passwd.
Tried to put the x back manually? I believe that is the solution. Testing... Yup. I removed the x from my root entry in /etc/passwd, and could login without a password. After putting the x back, things were normal. Seems the change does not take into effect immediately, as if the login prompt has /etc/passwd cached somewhere??? Cheers, Leen
--- Chaitanya Krishna A
hi all,
i've been experimenting with suse on one of my friends machines.
at one point i disabled the root passwd by deleting the x in the /etc/passwd file. after this i logged out and tried logging in as root. it was logging me in without me for any passwd. now i wanted to put a new passwd for root. so i gave the following commands.
$passwd prompt for new passwd : <new passwd> prompt to retype : <new passwd> then it says 'passwd changed'
i expected the new passwd to be operational. to check i again logged out and tried logging in as root. but it didn't prompt me for a passwd, but directly logged me in. i checked the /etc/passwd file, but there was no x for the root though i gave a new passwd. am missing something in the process of changing the passwd.
i situation is very serious coz my friend is really freaked that the root is not protected. she already had her machine hacked once. obviously there's hella lot of pressure on me to get it straight. someone help.
thanks for the help guys. i could fix the problem finally. what i did was ..... as the root didn't have any passwd, i logged in as root into the kde desktop, used the option in the system settings to change passwd and gave a new passwd and then it worked. but still i don't understand onething. why didn't it change the passwd from the console. i tried doing the same thing as i mentioned in the above mail on my machine which still runs on centos 3.3 from the console and had no probs disabling the passwd and again changing to a new one. if someone knows why this happens please enlighten me. regards, chaitanya. __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/
On Saturday 19 March 2005 16:31, Chaitanya Krishna A wrote:
but still i don't understand onething. why didn't it change the passwd from the console.
But it did! The missing 'x' was significant. I do not know the exact function of that 'x', but without it the system does not ask for a password, although there is one in /etc/shadow. Try removing the 'x', and try a few times to login on that account. Now replace the x, and again try a few times to login on that account. Cheers, Leen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2005-03-19 11:15:45 -0500 Leendert Meyer
But it did! The missing 'x' was significant. I do not know the exact function of that 'x', but without it the system does not ask for a password, although there is one in /etc/shadow.
The x is a place holder in the old password field in /etc/passwd. It essentially means that the account is password protected, but the actually pasword is stored in /etc/shadow now. Charles -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using the GPG bundle for GNUMail iD8DBQFCPGRv3epPyyKbwPYRAj/KAKDUYM05qjh3j8eU3ehiRjx1ZQbpRwCcCkyy tm+0wXddWKerjZYVGAQ1HXs= =tDEi -----END PGP SIGNATURE-----
Leendert Meyer wrote:
On Saturday 19 March 2005 16:31, Chaitanya Krishna A wrote:
but still i don't understand onething. why didn't it change the passwd from the console.
But it did! The missing 'x' was significant. I do not know the exact function of that 'x', but without it the system does not ask for a password, although there is one in /etc/shadow.
Try removing the 'x', and try a few times to login on that account.
Now replace the x, and again try a few times to login on that account.
And of course, you've just described the usual method of regaining access to a system, when no one knows the password. Just boot with a rescue disk, delete the "x", change the password and replace the "x". This also shows why system security includes physical security.
On Saturday 19 March 2005 9:31 am, Chaitanya Krishna A wrote:
$passwd prompt for new passwd : <new passwd> prompt to retype : <new passwd> then it says 'passwd changed'
but still i don't understand onething. why didn't it change the passwd from the console. i tried doing the same thing as i mentioned in the above mail on my machine which still runs on centos 3.3 from the console and had no probs disabling the passwd and again changing to a new one. if someone knows why this happens please enlighten me.
regards, chaitanya.
Just a guess but it looked to me like you were at a user login prompt: $ passwd Versus a root login prompt: # passwd So I am guessing you changed that user's passwd and not root's. Root usually has a # prompt signifying root is logged in. Just a guess. Been there, done that sort of thing myself. Stan
participants (7)
-
Chaitanya Krishna A -
Charles Philip Chan -
James Knott -
Jostein Berntsen -
Leendert Meyer -
Matthew -
Stan Glasoe