Serious password problems...

Mark Jaffe yellowdog-general@lists.terrasoftsolutions.com
Sun Jun 30 19:27:01 2002 

I did something today that has caused some serious access problems. I should
not have done what I did, but I am sure it can be fixed. I just need to
understand a little better about Linux-PAM and the shadow password file.

First, a little history. I used to run an MkLinux server, it was a real
solid system, just a tad slow (120MHz 601 chip in a Mac clone.) So when I
had a chance to upgrade hardware, I jumped onto YDL. I've been on a G3/450
since January, and after installing YDL 2.1 and installing a minimum number
of users, (root and myself "wizards") I just copied over the /etc/passwd
file from the old system and threw all the /home directories on as well. I
made sure the user and group numbers all matched, of course.

Fast-forward to today, after I reinstalled YDL 2.2; I wanted to change the
password for one of my clients, as he was not able to log in. So I ssh'ed in
as root, and tried the passwd command on the user. Got an error. Then I
thought to use the "vipw" command, and removed the password entry for the
user from the passwd file, then it put me into the shadow file, but I did
not know what to do. I did notice there was no entry for the user I was
trying to modify, and none of my other users. So I moved the shadow file out
of /etc and then I was able to do a password change for the user. So then I
logged out. Bad thing; now I can no longer log in as root or "wizards"
(myself.) Note that the server is not in house, but about 12 miles away in a
Co-Lo facility. The only access I have now is by http or ftp. I will have to
go there tomorrow, and move the shadow file back. But the big question I
have is how to move all my users into the shadow file.

Is anyone able to provide clues to this dilemma? I surely don't want to do a
full reinstall, especially as my clients need their web sites online.

Mark
==============================================================
Mark Jaffe              | (408) 972-9638 (home)
Chief Wizard            | (408) 807-1530 (cell/page/voicemail)
Computer Wizards        | (425) 795-6421 (FAX)
wizards44@earthlink.net | http://www.c-wizards.com/



Sent using the Entourage X Test Drive.