We had problems recently with passwd : for some reason it was possible to connect to one of our Linux PC without any password, even as root !

I think this problem comes from a conversion from shadow to password : we had to transfer all the users of a machine on a a new one, so we copied the whole /etc/passwd of that machine on the other one, for doing this we had to convert the second machine, a PC with Suse 6.0 from shadow to password.

The utility /usr/sbin/pwunconv that allow this isn't in the shadow package of the Suse distrib, so we had to install it at once - by downloading the sources from Suse FTP - then after transfering the accounts all worked fine, but after a few days - about 2 weeks later, some problems with pop server made me notice that i could connect without any password : there was an /etc/shadow file where all password were null, and the passwords were a new in the /etc/passwd that was not used by the system - normally there should not be any /etc/shadow file if the other conversion with /usr/sbin/pwconv had not been made.

I had to apply again the utility /usr/sbin/pwconv to correct it.

Does somebody already knows with that bug? Is there some patches on the shadow package that correct it?