How to handle usernames?
Hi there, I´ve got a strange behaviour which I want to get rid off ... though it may not be the right group here: on a suse linux 8.1 box, doing useradd -s /bin/false -d /... and-so-on ... b.richards to add a mailuseraccount, I always got the reply: invalid username The same with useradd -s /bin/false -d /... and-so-on b\.richards OK, then I´m typing ³useradd brichards², editing the /etc/passwd as well as /etc/shadow (e.g. setting in the dot manually), then typing in the password, but then ... the client sometimes gets an errormessage from postfix - sometimes it works fine. I found out that in case of unvalid usernames always almost a ³!² is shown in the second field in /etc/shadow-uservalue-lines (where there have to be the shadowed password). everything works fine with usernames without a dot. I tried hard to find some informations about this, but the only restriction valid for all shels seemed to be avoiding ³:² and ³/² in usernames. Anyone a suggestion? would be helpfull... thanx a lot! greetings Btw: how can I change the length of a password to a value higher than 8? Possible at all on a bash or tcsh?
lars wrote:
Anyone a suggestion? would be helpfull... thanx a lot!
it's not 'good' to use such usernames, not every unix tool/programm will be able to handle that correctly. To get it working you have some possible ways: 1. edit /etc/passwd etc. by hand (do that only if you know what you're doing) 2. use normal usernames like "brichards" and add an alias for your MTA (on postfix: /etc/postfix/aliases -> add: b.richards: brichards) 3. use an alternative backend for storing usernames etc. for the mail system (likeall users in a ldap or mysql database). 1. is quick'n dirty 2. is the preferred easy way 3. is more work but should give you a more flexible system...
Btw: how can I change the length of a password to a value higher than 8? Possible at all on a bash or tcsh?
use md5 passwords.
Hi! I don't know about the osers, but about password length: Yast - security and users - custom - on the second screen you have the password length screen Regards, Radu ----- Original Message ----- From: "lars" <lars@brainlift.de> To: <suse-security@suse.com> Sent: Friday, March 28, 2003 3:33 PM Subject: [suse-security] How to handle usernames? Hi there, I´ve got a strange behaviour which I want to get rid off ... though it may not be the right group here: on a suse linux 8.1 box, doing useradd -s /bin/false -d /... and-so-on ... b.richards to add a mailuseraccount, I always got the reply: invalid username The same with useradd -s /bin/false -d /... and-so-on b\.richards OK, then I´m typing ³useradd brichards², editing the /etc/passwd as well as /etc/shadow (e.g. setting in the dot manually), then typing in the password, but then ... the client sometimes gets an errormessage from postfix - sometimes it works fine. I found out that in case of unvalid usernames always almost a ³!² is shown in the second field in /etc/shadow-uservalue-lines (where there have to be the shadowed password). everything works fine with usernames without a dot. I tried hard to find some informations about this, but the only restriction valid for all shels seemed to be avoiding ³:² and ³/² in usernames. Anyone a suggestion? would be helpfull... thanx a lot! greetings Btw: how can I change the length of a password to a value higher than 8? Possible at all on a bash or tcsh?
For the password: have a look at /etc/login.defs: # # Number of significant characters in the password for crypt(). # Default is 8, don't change unless your crypt() is better. # Ignored if the "md5" or "blowfish" option is given to the # pam_pwcheck module. # PASS_MAX_LEN 8 For the "dotted" name the only solution I know is to rename the username after adding her/ him to the system in /etc... -- Eat, sleep and go running, David Huecking. Encrypted eMail welcome! GnuPG/ PGP-Key: 0x57809216. Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216 On Fri, 28 Mar 2003, lars wrote:
on a suse linux 8.1 box, doing
useradd -s /bin/false -d /... and-so-on ... b.richards
to add a mailuseraccount, I always got the reply:
invalid username
The same with
useradd -s /bin/false -d /... and-so-on b\.richards
OK, then I´m typing ³useradd brichards², editing the /etc/passwd as well as /etc/shadow (e.g. setting in the dot manually), then typing in the password, but then ... the client sometimes gets an errormessage from postfix - sometimes it works fine. I found out that in case of unvalid usernames always almost a ³!² is shown in the second field in /etc/shadow-uservalue-lines (where there have to be the shadowed password).
everything works fine with usernames without a dot.
I tried hard to find some informations about this, but the only restriction valid for all shels seemed to be avoiding ³:² and ³/² in usernames.
[...]
Btw: how can I change the length of a password to a value higher than 8? Possible at all on a bash or tcsh?
For the "dotted" name the only solution I know is to rename the username after adding her/ him to the system in /etc...
Hi there, i use the program webmin to add users with a "." in the name. It ist available under www.webmin.com There you also can choose an other home-path for the user, for example: v.lieder, home/vlieder and so on.... Works fine, V.Lieder
-- Eat, sleep and go running, David Huecking.
Encrypted eMail welcome! GnuPG/ PGP-Key: 0x57809216. Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216
on a suse linux 8.1 box, doing
useradd -s /bin/false -d /... and-so-on ... b.richards
to add a mailuseraccount, I always got the reply:
invalid username
The same with
useradd -s /bin/false -d /... and-so-on b\.richards
OK, then I´m typing ³useradd brichards², editing the /etc/passwd as well as /etc/shadow (e.g. setting in the dot manually), then typing in
On Fri, 28 Mar 2003, lars wrote: the password, ....
The reason is that SuSE modified the useradd interface program from 7.x to 8.x. Usernames with "dots" are no more accepted, although everybody use it. I´ve got the same problem and as I didn´t receive ANY help from this list ( besides saying "this is not a security related question") neither from SuSE Support Team, I had to edit useradd source code by myself. Good luck, Mário Júnior ---------------------- Network Admin ----- Original Message ----- From: "lars" <lars@brainlift.de> To: <suse-security@suse.com> Sent: Friday, March 28, 2003 10:33 AM Subject: [suse-security] How to handle usernames? Hi there, I´ve got a strange behaviour which I want to get rid off ... though it may not be the right group here: on a suse linux 8.1 box, doing useradd -s /bin/false -d /... and-so-on ... b.richards to add a mailuseraccount, I always got the reply: invalid username
participants (6)
-
David Huecking -
lars -
Mario -
Radu Voicu -
Sven 'Darkman' Michels -
Volker Lieder