[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Problem with Redhat 6.0



There is a difference between NO password field in /etc/passwd or
/etc/shadow, and not having passwords stored online.  I used kerb5 for
authentication, my password file still needs to look like this:

bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:

And my shadow file looks like:
bin:*:10362:-1:-1:-1:-1:-1:-1
daemon:*:10362:-1:-1:-1:-1:-1:-1
adm:*:10362:-1:-1:-1:-1:-1:-1

This prevents any programs from accidently assuming that there is no
password associated with a user.  The NULLOK string is to allow NO
password to be allowed, ie, for a system-status login with no password
which just reports information and logs out.

I have kerb5 logins for all users, but local shadowed password for the
root user.  This is all done under redaht 4.2 base and 5.2 base without
any difficulty.

-Matt Drown     -- Privacy, Anonyminity, & Security -- DataHaven Project
 panzer@dhp.com -- Shell and Web accounts           -- http://www.dhp.com/ 




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []