Serious password problems...

Chris Ruprecht yellowdog-general@lists.terrasoftsolutions.com
Sun Jun 30 22:32:18 2002


Indeed, what you describe is a problem.
To begin with, even when you go to the site, how do you log in without the
passwords, unless the system has an open ssh/terminal session up and running?

Back in the good old bad days, you could pop in a floppy, bring your system up
from there, mount the / disk under the floppy fs and mess around with the
/etc/passwd and /etc/shadow files.

If however, you miraculously get access to the machine, you have to remove the
second entry in the shadow file, all the fuzzy stuff between the two colons
after the user name.

If the user is not in the user file, delete him completely (not the home
directory) and do a new useradd for him.

Best regards,
Chris

On Sunday 30 June 2002 09:22, Mark Jaffe wrote:
> I did something today that has caused some serious access problems. I
> should not have done what I did, but I am sure it can be fixed. I just need
> to understand a little better about Linux-PAM and the shadow password file.
>
> First, a little history. I used to run an MkLinux server, it was a real
> solid system, just a tad slow (120MHz 601 chip in a Mac clone.) So when I
> had a chance to upgrade hardware, I jumped onto YDL. I've been on a G3/450
> since January, and after installing YDL 2.1 and installing a minimum number
> of users, (root and myself "wizards") I just copied over the /etc/passwd
> file from the old system and threw all the /home directories on as well. I
> made sure the user and group numbers all matched, of course.
>
> Fast-forward to today, after I reinstalled YDL 2.2; I wanted to change the
> password for one of my clients, as he was not able to log in. So I ssh'ed
> in as root, and tried the passwd command on the user. Got an error. Then I
> thought to use the "vipw" command, and removed the password entry for the
> user from the passwd file, then it put me into the shadow file, but I did
> not know what to do. I did notice there was no entry for the user I was
> trying to modify, and none of my other users. So I moved the shadow file
> out of /etc and then I was able to do a password change for the user. So
> then I logged out. Bad thing; now I can no longer log in as root or
> "wizards" (myself.) Note that the server is not in house, but about 12
> miles away in a Co-Lo facility. The only access I have now is by http or
> ftp. I will have to go there tomorrow, and move the shadow file back. But
> the big question I have is how to move all my users into the shadow file.
>
> Is anyone able to provide clues to this dilemma? I surely don't want to do
> a full reinstall, especially as my clients need their web sites online.
>
> Mark
> ==============================================================
> Mark Jaffe              | (408) 972-9638 (home)
> Chief Wizard            | (408) 807-1530 (cell/page/voicemail)
> Computer Wizards        | (425) 795-6421 (FAX)
> wizards44@earthlink.net | http://www.c-wizards.com/

-- 
Chris Ruprecht
Network Grunt and Bit Pusher Extraordinaire
Gainesville, Florida, USA
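
Added example, not part of either message above: the thread turns on /etc/passwd entries that have no matching /etc/shadow line and on shadow entries whose password field has been blanked. This Python check audits the two files for those conditions; the sample entries, placeholder hashes and finding labels are constructed for illustration.

```python
"""Audit passwd/shadow consistency (added example; sample data is constructed)."""
import sys

# Constructed sample files; the hash strings are placeholders, not real hashes.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
wizards:x:500:500::/home/wizards:/bin/bash
client1:PLACEHOLDERHASH:501:501::/home/client1:/bin/bash
client2:x:502:502::/home/client2:/bin/bash
client3::503:503::/home/client3:/bin/bash
"""
SAMPLE_SHADOW = """\
root:$1$placeholder$placeholderhash:11868:0:99999:7:::
wizards::11868:0:99999:7:::
ghost:!!:11868:0:99999:7:::
"""

def parse(text):
    """Map login name -> password field (second colon-separated field)."""
    entries = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 2 and fields[0] and not fields[0].startswith("#"):
            entries[fields[0]] = fields[1]
    return entries

def audit(passwd_text, shadow_text):
    """Return sorted (user, finding) pairs for inconsistent accounts."""
    passwd, shadow = parse(passwd_text), parse(shadow_text)
    findings = []
    for user, pw in passwd.items():
        if pw == "x":                        # password is expected in shadow
            if user not in shadow:
                findings.append((user, "missing-shadow"))
            elif shadow[user] == "":
                findings.append((user, "empty-password"))
        elif pw == "":                       # no password required at all
            findings.append((user, "empty-password"))
        elif not pw.startswith(("*", "!")):  # hash still stored in passwd
            findings.append((user, "hash-in-passwd"))
    findings += [(u, "orphan-shadow") for u in shadow if u not in passwd]
    return sorted(findings)

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: audit.py /etc/passwd /etc/shadow (as root)
        texts = [open(p).read() for p in sys.argv[1:3]]
    else:
        texts = [SAMPLE_PASSWD, SAMPLE_SHADOW]
    for user, finding in audit(*texts):
        print(f"{user}: {finding}")
```

On systems with the shadow suite installed, `pwck` performs a similar integrity check and `pwconv` creates shadow entries from the passwd file.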