/etc/shadow Locked accounts
Waldher, Travis R
Travis.R.Waldher at boeing.com
Thu Oct 13 14:59:43 UTC 2005
> -----Original Message-----
> From: Rick Stevens [mailto:rstevens at vitalstream.com]
> Sent: Wednesday, October 12, 2005 5:52 PM
> To: Getting started with Red Hat Linux
> Subject: Re: /etc/shadow Locked accounts
>
> On Wed, 2005-10-12 at 14:19 -0600, redhat at buglecreek.com wrote:
> > On a RedHat ES 4 system I was checking for null passwords in
/etc/shadow
> > and came across a "x" in the encrypted password field (2nd field)
for a
> > few accounts. I have seen "!" "!!" and "*" for locked accounts but
have
> > not come across a "x". The x does seem to lock the accounts however,
> > which is what I want. Anyone know what program may have placed the
x in
> > the field? The "usermod -L" and "passwd -l" commands does not seem
to.
> > Also, does it have the same effect as "!"? I was just curious if
anyone
> > else has seen this.
>
> Smells like a hack job to me. /etc/shadow should have an encrypted
> password or a single or double "!" in it. It should NEVER have a
single
> character. It should render the password invalid, however, as there
> is no encryption system I know of that would generate a single
character
> as the encrypted string.
>
While this isn't a hack, this would be a hack job of administration.
To reproduce this "x", do this:
1) manually edit the /etc/passwd file, create a user account
2) Place an "x" in the password field
user1:x:600:600::/home/user1:/bin/bash
3) execute pwconv
Pwconv will place an "x" in the password field of the shadow file for
that user. This still does this on the initial release of AS4.0/FC,
I'm not sure if a security patch has come out to address this.
Travis
More information about the Redhat-install-list
mailing list