10-01-2010
Quote:
If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a
unix password to log in (but the user may log in the system by other means).
How would a locked user can able to login using other means?
are you referring to login by super user and issue su <locked username>?
---------- Post updated at 03:49 AM ---------- Previous update was at 03:30 AM ----------
P.S:
I would also like to know the GID range of my distribution .
I can find the UID range by examining UID of nobody user but how would i find the same for GID.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi,
I want to append password into /etc/shadow file using a shell script.
My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ?
# To add the groups into /etc/group file
for a_user... (5 Replies)
Discussion started by: modgil
5 Replies
2. UNIX for Dummies Questions & Answers
hi,
I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file )
after the reboot with an empty password on root , i have set a new password with passwd but
it only changed the /etc/passwd file.... (0 Replies)
Discussion started by: progressdll
0 Replies
3. Solaris
Is it possible to reset a normal user password , by editing password field in /etc/shadow file?
Thanks (6 Replies)
Discussion started by: ksvaisakh
6 Replies
4. Solaris
Hi Solaris's expert
I need to change user password on Solaris10 2 servers.
With the same password I can change it just only one.
Try to check everything but not found difference??
password pattern: abcdeFgh9Jk
server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Discussion started by: arm_naja
10 Replies
5. Red Hat
Hi,
I am running NIS server on redhat linux 5 and I want to implement password restrictions for the yppasswd, how can I do it.Please help me.
I can implement password restriction for passwd by configuring /etc/pam.d/system-auth and setting crack_lib.so but I don't know how to implent the same... (3 Replies)
Discussion started by: ktrimu
3 Replies
6. Solaris
hi folk,
i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters.
# useradd testing
# passwd testing
New... (7 Replies)
Discussion started by: dehetoxic
7 Replies
7. Shell Programming and Scripting
On SPARC Solaris 10. I set the app account so it's expired. I also want it
so not required to change password at first login, I can do this by
removing the numbers after the password in /etc/shadow.
example using user1
The /etc/shadow file looks like this:
user1:kOmcVXAImRTAY:0::::90::
... (8 Replies)
Discussion started by: TKD
8 Replies
8. UNIX for Dummies Questions & Answers
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Discussion started by: SkySmart
5 Replies
9. Ubuntu
Hello Team,
I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password.
Using PAM we can do it,... (1 Reply)
Discussion started by: paragnehete
1 Replies
10. AIX
I need help. I have set a password policy. But I want to dis allow setting user name as password.
My policy is as below...
min length =8
min diff=2
min alpha=2
max repeats=2
dictionary= /usr/share/dict/words
Still user can set his username as password (i.e. Jackie1234).
Code tags for... (11 Replies)
Discussion started by: powerAIX
11 Replies
shadow(4) Kernel Interfaces Manual shadow(4)
NAME
shadow - shadow password file
SYNOPSIS
DESCRIPTION
The file is created from the file by the command. It is readable only by a privileged user. It can be modified by the and commands. Pro-
grams may use the interfaces described in the getspent(3C) manpage to access this information. These functions return a pointer to an
structure, which is defined in the header file.
Fields
The file is an ASCII file consisting of any number of user entries separated by newlines. Each user entry line consists of the following
fields separated by colons:
login name Each login name must match a login name in puts the user entries in in the same order as the entries.
encrypted password
The password field of each entry contains an "x", and the actual encrypted passwords reside in The encrypted password field
consists of 13 characters chosen from a 64-character set of "digits". The characters used to represent "digits" are for 0,
for 1, through for 2 through 11, through for 12 through 37, and through for 38 through 63.
If the SHA11i3 product is installed, the password field may contain the prefix , where n is a label identifying an alterna-
tive algorithm used for the password hash. Using the new algorithm results in an encrypted password field which is longer
than 13 characters. The password field will consist of digits from the same 64-character set, as well as the additional
character used as a delimiter.
If this field is null, then there is no password and no password is demanded on login. Login can be prevented by entering a
character that is not a part of the set of digits (such as *).
last change
The number of days since January 1, 1970 that the password was last modified.
min days
The minimum period in days that must expire before the password can be changed. See also in security(4) and the command in
passwd(1).
max days
The maximum number of days for which a password is valid. A user who attempts to login after his password has expired is
forced to supply a new one. If min days and max days are both zero, the user is forced to change his password the next time
he logs in. If min days is greater than max days, then the password cannot be changed. These restrictions do not apply to
the superuser. See also in security(4) and the command in passwd(1).
warn days
The number of days the user is warned before his password expires. See also in security(4) and the command in passwd(1).
inactivity
The maximum number of days of inactivity allowed. This field is set with the option of either the or command. If this value
is greater than zero, then the account is locked if there have been no logins to the account for at least the specified num-
ber of days. If this value is less than or equal to zero, the value is determined by the attribute. See the description of
in security(4).
expiration
The absolute number of days since Jan 1, 1970 after which the account is no longer valid. A value of zero in this field
indicates that the account is locked.
reserved
The reserved field is always zero and is reserved for future use.
Notes
The file is not applicable to a system which has been converted to a trusted system.
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
FILES
system password file
shadow password file
SEE ALSO
login(1), passwd(1), pwconv(1M), pwunconv(1M), useradd(1M), userdel(1M), usermod(1M), crypt(3C), getspent(3C), putspent(3C), nss-
witch.conf(4), passwd(4), security(4).
shadow(4)