Hi, I am having a very strange problem on my suse 6.3... whenever i try to change passwd for any user, i get [datatwirl@mordor datatwirl]$ passwd passwd: User not known to the underlying authentication module Max Gribov [datatwirl@mordor datatwirl]$ i can change passwd's as root for any user, but the user himself cannot change his own passwd. this applies for all users on my system, and since many of them have default passwd, it became a serious security concern as well. how come this is happening? whats screwed up - pam? passwd? my machine? and what shoud i do about this, besides closing everyone's account? thanks alot max
Hi Max,
Hi, I am having a very strange problem on my suse 6.3... whenever i try to change passwd for any user, i get
[datatwirl@mordor datatwirl]$ passwd passwd: User not known to the underlying authentication module Max Gribov [datatwirl@mordor datatwirl]$
i can change passwd's as root for any user, but the user himself cannot change his own passwd. this applies for all users on my system, and since many of them have default passwd, it became a serious security concern as well.
how come this is happening? whats screwed up - pam? passwd? my machine? and what shoud i do about this, besides closing everyone's account?
thanks alot
max
Very often, it is comparatively easy to solve a problem. Instead, recognizing the problem is difficult. The information that you provide is somewhat sparse. Do you use NIS/NIS+? What are the permissions of /etc/passwd, /etc/shadow, /etc/resolv.conf, /usr/bin/passwd? Is your nscd running? Did you check for irregularities/inconsistencies in /etc/passwd,shadow? Who is Max Gribov? Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
Von: Roman Drahtmueller <draht@suse.de> Datum: Wed, 16 Aug 2000 20:48:22 +0200 (MEST) An: max <datatwirl@datatwirl.yi.org> Cc: suse-security@suse.com Betreff: Re: [suse-security] cant use passwd??
Hi Max,
Hi, I am having a very strange problem on my suse 6.3... whenever i try to change passwd for any user, i get
[datatwirl@mordor datatwirl]$ passwd passwd: User not known to the underlying authentication module Max Gribov [datatwirl@mordor datatwirl]$
greetings! same problem since we changed from suse 5.3 (packages often updated) to 6.4 if i´m in as root and su wolfgang passwd wolfgang makes this message: passwd: User not known to the underlying authentication module no NIS, no nscd passwd 644 shadow 640 resolv.conf 644 /usr/bin/passwd -rwsr-xr-x 1 root shadow ciao wolfgang
there is no NIS what so ever, and as far as i know yes, nscd is working fine. and Max Gribov is grabage that apparently got copy/pasted by me into the message by mistake, so sorry about that. the error message i get should read: datatwirl@mordor:~ > passwd passwd: User not known to the underlying authentication module datatwirl@mordor:~ > I am assuming this has to do with pam (what other module would passwd be talking about?), but pam seems to be configured properly as well. max On Wed, 16 Aug 2000, Roman Drahtmueller wrote:
Hi Max,
Hi, I am having a very strange problem on my suse 6.3... whenever i try to change passwd for any user, i get
[datatwirl@mordor datatwirl]$ passwd passwd: User not known to the underlying authentication module Max Gribov [datatwirl@mordor datatwirl]$
i can change passwd's as root for any user, but the user himself cannot change his own passwd. this applies for all users on my system, and since many of them have default passwd, it became a serious security concern as well.
how come this is happening? whats screwed up - pam? passwd? my machine? and what shoud i do about this, besides closing everyone's account?
thanks alot
max
Very often, it is comparatively easy to solve a problem. Instead, recognizing the problem is difficult.
The information that you provide is somewhat sparse.
Do you use NIS/NIS+? What are the permissions of /etc/passwd, /etc/shadow, /etc/resolv.conf, /usr/bin/passwd? Is your nscd running? Did you check for irregularities/inconsistencies in /etc/passwd,shadow? Who is Max Gribov?
Thanks, Roman. -- - - | Roman Drahtm�ller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | N�rnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
Hi On Wed, Aug 16, 2000 at 02:49:07PM -0500, max wrote:
datatwirl@mordor:~ > passwd passwd: User not known to the underlying authentication module datatwirl@mordor:~ >
I am assuming this has to do with pam (what other module would passwd be talking about?), but pam seems to be configured properly as well. This is possible. How does your /etc/pam.d/passwd config file look like? This is mine, quite stripped down and not of a suse system:
auth required /lib/security/pam_pwdb.so shadow nullok account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so retry=3 password required /lib/security/pam_pwdb.so use_authtok nullok md5 shadow Do you perhaps use something else, like LDAP to authenticate users? Did you change any PAM stuff recently? MfG/Regards, Alexander -- Alexander Reelsen http://joker.rhwd.de ref@linux.com GnuPG: pub 1024D/F0D7313C sub 2048g/6AA2EDDB ar@rhwd.net 7D44 F4E3 1993 FDDF 552E 7C88 EE9C CBD1 F0D7 313C Securing Debian: http://joker.rhwd.de/doc/Securing-Debian-HOWTO
Von: Alexander Reelsen <ar@rhwd.net> Datum: Wed, 16 Aug 2000 20:52:37 +0200 An: suse-security@suse.com Betreff: Re: [suse-security] cant use passwd??
This is possible. How does your /etc/pam.d/passwd config file look like? This is mine, quite stripped down and not of a suse system:
auth required /lib/security/pam_pwdb.so shadow nullok account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so retry=3 password required /lib/security/pam_pwdb.so use_authtok nullok md5 shadow
this is the one i have, i did´not change anything with pam auth required /lib/security/pam_unix.so nullok account required /lib/security/pam_unix.so password required /lib/security/pam_pwcheck.so nullok use_cracklib password required /lib/security/pam_unix.so nullok use_first_pass u$ session required /lib/security/pam_unix.so i did only recognize that changing to 6.4. made it complicate to change the passwd´s for our users that oftenly forget their passwd´s getting in with an ssh client on mac or windows ist no problem, but yast with ist F4, F5 etc. is sometimes difficult on non-standard keyboards. ciao wolfgang
On Wed, Aug 16, 2000 at 21:25 +0200, wolfgang tinhofer wrote:
getting in with an ssh client on mac or windows ist no problem, but yast with ist F4, F5 etc. is sometimes difficult on non-standard keyboards.
Go read the handbook or YaST help! This has been asked (and answered) *many* times ... virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.
participants (6)
-
Alexander Reelsen -
Gerhard Sittig -
max -
Roman Drahtmueller -
wolfgang -
wolfgang tinhofer