On Tue, Mar 18, 2008 at 09:07:35AM -0400, John Mort wrote: > Poking around, I think I might have found the problem, but don't know > how to solve it. On a whim I checked /etc/passwd and /etc/shadow, > /etc/passwd didn't show anything useful but /etc/shadow shows all the > user accounts passwords in plain text, while the root password is > obviously encrypted. I've never (to my knowledge) used /etc/shadow, > but I'm guessing that ssh is checking this file and treating the > plaintext passwords as encrypted passwords, which would cause them to > not match up when it compares the encrypted version of what I'm typing > in.
Shadow has been around for about 10 years. It solves the problem that a lot of nonprivved tools need to see the user accounts list, but shouldn't see the password list. Passwords in /etc/passwd are "shadowed" with 'x' in the pw field. The encrypted password is then kept in /etc/shadow, which should look like: dragorn:$ddsfcxcvZFdjhdfjhxjjDEDFJhdfjhdf0:13775:0:99999:7::: Shadow should definitely not show passwords in plaintext - that would indicate something has gone very wrong somewhere, I'm not even sure how you'd cause that to happen... -m -- Mike Kershaw/Dragorn <[EMAIL PROTECTED]> GPG Fingerprint: 3546 89DF 3C9D ED80 3381 A661 D7B2 8822 738B BDB1 "Remember the book store down the road? That then became a book and coffee shop? Now it's a 24-hour just-coffee shop. It's like evolution, only, without the getting better."
pgpjhctBtalLx.pgp
Description: PGP signature
_______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Mar 5 - Wearable Linux Computing Apr 2 - Building a Kernel the Debian / Ubuntu way May 7 - Setting up a platform-independent home/small office network using Linux Jun 4 - TBD Jul 2 - KVM (Tenative)
