Blank password works for root
Bill Beeman
bbeeman at beemangroup.com
Fri Jan 9 21:48:34 UTC 2004
> Bevan C. Bennett wrote:
> Subject: Re: Blank password works for root
>
>
> Bill Beeman wrote:
> > If anyone else has any ideas, I'm open: to recap, a null
> password works
> > for root on this machine, whether from the console, a ssh
> session, or an
> > X session. The same when attempting to su...either the
> root password or
> > a null password works.
> >
> > This is not the case with a normal user password. I've run
> > chkrootkit-0.43, and it comes up clean.
> >
> > Ideas?
>
> To reiterate my working theory, I think your root user actually has a
> null password, either in the system files or in a remote
> authentication
> store (like LDAP).
>
> The complete 'auth' contents of your system-auth, plus the root entry
> from /etc/shadow (obfuscate is desired) would help our
> debugging efforts.
>
Here's system-auth:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_smb_auth.so
use_first_pass nolocal
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
password required /lib/security/$ISA/pam_cracklib.so retry=3
type=
password sufficient /lib/security/$ISA/pam_unix.so nullok
use_authtok shadow
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
and the (obfuscated) root entry from /etc/shadow:
root:xxxxxxxxxxx:12426:0:99999:7:::
Hope this helps..
Bill
More information about the fedora-list
mailing list