On Tue, Mar 18, 2008 at 9:52 AM, Mike Kershaw <[EMAIL PROTECTED]> wrote:
> On Tue, Mar 18, 2008 at 09:07:35AM -0400, John Mort wrote:
> > Poking around, I think I might have found the problem, but don't know
> > how to solve it. On a whim I checked /etc/passwd and /etc/shadow,
> > /etc/passwd didn't show anything useful but /etc/shadow shows all the
> > user accounts passwords in plain text, while the root password is
> > obviously encrypted. I've never (to my knowledge) used /etc/shadow,
> > but I'm guessing that ssh is checking this file and treating the
> > plaintext passwords as encrypted passwords, which would cause them to
> > not match up when it compares the encrypted version of what I'm typing
> > in.
>
> Shadow has been around for about 10 years. It solves the problem that a
> lot of nonprivved tools need to see the user accounts list, but
> shouldn't see the password list. Passwords in /etc/passwd are
> "shadowed" with 'x' in the pw field. The encrypted password is then
> kept in /etc/shadow, which should look like:
>
> dragorn:$ddsfcxcvZFdjhdfjhxjjDEDFJhdfjhdf0:13775:0:99999:7:::
>
> Shadow should definitely not show passwords in plaintext - that would
> indicate something has gone very wrong somewhere, I'm not even sure
> how you'd cause that to happen...
>

I just know that when I've been given the option at home to use shadow tables, I've declined, wanting to keep things simpler until I had a higher level of competency.

With your confirmation that plaintext passwords in /etc/shadow are not normal, I was able to do a bit of googlemancy and I think I know what happened. It looks like the guy who set up the linux machines does everything in root, because even his account is showing up in plaintext. I just logged in as root and set myself up with a user account using the GUI and my password is encrypted. So I'm guessing he probably used the useradd command with the -p flag, which is supposed to be supplied with an encrypted password, but he probably put the password itself instead. At least, that's how I'm able to replicate it. I'm not even able to log in locally under his name (which makes sense), so I'm betting he does everything as root and never noticed the problem before.

-- 
John D. Mort
http://john.mort.net
_______________________________________________
Mid-Hudson Valley Linux Users Group http://mhvlug.org
http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug
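
An added example, not part of the original thread: a small audit that reads shadow-format lines and reports accounts whose password field is neither a crypt(3) hash nor a lock marker, which is the state a plaintext value given to useradd -p leaves behind. The function names, account names and hash in the sample are constructed for illustration.

```python
import re
import sys

# Modular crypt format: $id$[params$]salt$hash (for example $1$ or $6$).
MCF = re.compile(r"^\$[0-9a-zA-Z-]+\$[^:\s]+$")
# Traditional DES crypt: exactly 13 characters from the crypt alphabet.
# Caveat: a 13-character plaintext using only these characters passes too.
DES = re.compile(r"^[./0-9A-Za-z]{13}$")


def classify(field):
    """Classify the password field (second field) of a shadow entry."""
    if field == "":
        return "empty"      # account can be used without a password
    if field[0] in "!*":
        return "locked"     # lock or no-login marker
    if MCF.match(field) or DES.match(field):
        return "hashed"
    return "suspect"        # not something crypt(3) would have produced


def audit(lines):
    """Return (user, status) pairs for entries that need attention."""
    findings = []
    for line in lines:
        parts = line.rstrip("\n").split(":")
        if len(parts) < 2:
            continue        # blank or malformed line
        status = classify(parts[1])
        if status in ("suspect", "empty"):
            # Report the name only, never the field: it may be a password.
            findings.append((parts[0], status))
    return findings


# Constructed sample entries in /etc/shadow layout.
SAMPLE = [
    "root:$1$Xy3kQz9a$0123456789abcdefghijkl:13775:0:99999:7:::",
    "alice:hunter2:13775:0:99999:7:::",
    "bob:!:13775:0:99999:7:::",
    "carol::13775:0:99999:7:::",
    "daemon:*:13775:0:99999:7:::",
]

if __name__ == "__main__":
    # Pass a file path as root to audit a real shadow file; default is SAMPLE.
    lines = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for user, status in audit(lines):
        print(f"{user}: {status}")
```

Any account reported as suspect should have its password reset with passwd, since the old value sat in the file unhashed.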
