Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: what should /etc/shadow look like?

  1. #1
    Join Date
    Jul 2012
    Beans
    25

    what should /etc/shadow look like?

    Quick question.. If the root user account is disabled what should the line in the /etc/passwd and /etc/shadow files look like? I just noticed that my /etc/shadow line reads:
    Code:
       root:!:number
    ... I thought that a logon disabled account should read
    Code:
    name:*:number
    ... Thanks!
    Last edited by lou21; February 24th, 2013 at 02:09 PM. Reason: error

  2. #2
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: what should /etc/shadow look like?

    Quote Originally Posted by lou21 View Post
    Quick question.. If the root user account is disabled what should the line in the /etc/passwd and /etc/shadow files look like? I just noticed that my /etc/shadow line reads:
    Code:
       root:!:number
    ... I thought that a logon disabled account should read
    Code:
    name:*:number
    ... Thanks!
    In my opinion, you will be regretted for disabling the root account.

    Samiux

  3. #3
    Join Date
    Jan 2013
    Location
    Vienna, Austria
    Beans
    56
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: what should /etc/shadow look like?

    Why would you want to disable the login for root?
    Ubuntu comes pre-configured this way unless you run something like:

    Code:
    sudo bash
    passwd

  4. #4
    Join Date
    Sep 2011
    Beans
    1,531

    Re: what should /etc/shadow look like?

    Quote Originally Posted by lou21 View Post
    Quick question.. If the root user account is disabled what should the line in the /etc/passwd and /etc/shadow files look like? I just noticed that my /etc/shadow line reads:
    Code:
       root:!:number
    ... I thought that a logon disabled account should read
    Code:
    name:*:number
    ... Thanks!
    It's not disabled, it's locked. https://help.ubuntu.com/community/RootSudo

    From this: http://manpages.ubuntu.com/manpages/.../passwd.5.html
    The encrypted password field may be blank, in which case no password is
    required to authenticate as the specified login name. However, some
    applications which read the /etc/passwd file may decide not to permit
    any access at all if the password field is blank. If the password field
    is a lower-case “x”, then the encrypted password is actually stored in
    the shadow(5) file instead; there must be a corresponding line in the
    /etc/shadow file, or else the user account is invalid. If the password
    field is any other string, then it will be treated as an encrypted
    password, as specified by crypt(3).
    so the ! indicates to me that the root password is encrypted.

  5. #5
    prodigy_ is offline May the Ubuntu Be With You!
    Join Date
    Mar 2008
    Beans
    1,219

    Re: what should /etc/shadow look like?

    Quote Originally Posted by lou21 View Post
    root user account is disabled
    It seems you're a little confused and I guess this is because you think root is like in-built Administrator account is Windows. In fact root is more like System in Windows. You can't really disable it.

  6. #6
    Join Date
    Jun 2011
    Beans
    357

    Re: what should /etc/shadow look like?

    The manual page for /etc/shadow reads

    Code:
    If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means).
    In other words, to answer the original question, he * and ! characters are equivalent in this case. People will not be able to login as the root user. You and other users may be able to perform admin tasks using sudo, but the root account itself is locked.

  7. #7
    Join Date
    Jul 2012
    Beans
    25

    Re: what should /etc/shadow look like?

    Quote Originally Posted by Ms. Daisy View Post
    It's not disabled, it's locked. https://help.ubuntu.com/community/RootSudo

    From this: http://manpages.ubuntu.com/manpages/.../passwd.5.html
    so the ! indicates to me that the root password is encrypted.
    That line I quote in the original question is from /etc/shadow NOT /etc/passwd. The line in /etc/passwd looks like:
    Code:
    root:x:0:0:root:/root:/bin/bash
    Which I know points to the /etc/shadow file for a potential pass word.
    Last edited by lou21; February 25th, 2013 at 03:10 AM.

  8. #8
    Join Date
    Jul 2012
    Beans
    25

    Re: what should /etc/shadow look like?

    OK clearly I didn't express myself very well in the first post. First to be clear. I am referring to the /etc/shadow file. NOT to /etc/passwd. So a better simpler question would be. What is the difference between a * and a ! in the password field of the /etc/shadow file on an Ubuntu 12.10 system? I know that both of these imply that pass word baased logon is not possible. However, apparently on some systems the ! implies that key based logons are possible. In this case why is this possible on my ubuntu box? I am asking why this file is not how I expected or remembered it being and I am wondering if someone has cracked my system.
    Last edited by lou21; February 25th, 2013 at 03:03 AM. Reason: error

  9. #9
    Join Date
    Jul 2012
    Beans
    25

    Re: what should /etc/shadow look like?

    Quote Originally Posted by thermion View Post
    Why would you want to disable the login for root?
    Ubuntu comes pre-configured this way unless you run something like:

    Code:
    sudo bash
    passwd
    I personally never changed anything to do with root access. I never enabled nor disabled any sort of root logon.

  10. #10
    Join Date
    May 2010
    Location
    uk
    Beans
    9,291
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: what should /etc/shadow look like?

    Hi

    You have not been hacked, as i have not. the x's i added.

    Code:
    matthew-S206:/home/matthew/fxp % sudo grep root /etc/shadow
    root:!:xxxx:x:xxxx:7:::
    matthew-S206:/home/matthew/fxp %
    Kind regards
    If you believe everything you read, you better not read. ~ Japanese Proverb

    If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •