On Mon, Sep 18, 2006 at 10:09:03AM +0100, Jorge Almeida wrote: > I've seen somewhere a '*' in the password field of non-human users. I > think this is supposed to mean that user can't login. However, I didn't > find anything like that in gentoo's /etc/passwd (e.g., for user cron or > user sshd). Can someone comment on this matter? Is * deprecated? Of > course, these non-human users have /bin/false as shell, but extra > precautions wouldn't hurt... > Am I seeing something wrong?
Passwords are stored in /etc/shadow for security reasons: -rw-r--r-- /etc/passwd -rw------- /etc/shadow >From shadow(5) manpage: If the password field contains some string that is not valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in, subject to pam(7). Bye. -- * Pillon Matteo -- gentoo-user@gentoo.org mailing list
