General :: Deleted Root From Passwd And Shadow File
Oct 7, 2010I deleted root from passwd and shadow file.Can I crate a new root user?
View 1 RepliesI deleted root from passwd and shadow file.Can I crate a new root user?
View 1 RepliesWhat is the easiest way to replace a hash in a shadow file for one particular user, not using passwd, and when the current password is unknown?
View 3 Replies View RelatedI am bulding my own image based on 2.6.32 kernel, I wish to add a guest user:
In a script thats invoked by the makefile, I use 'useradd' command & this updates the shadow, passwd files under /etc on the host, is it possible to tell the command to create the shadow / password under some other folder on the host? may be /tmp?
I work for a seismic company that has recently experienced a security issue. Because we have an isolated network that is used for HPC work we have a very open security structue ie password less accounts rsh rlogin etc. We had, seemingly,a user that has maliciously deleted another user's files but I still haven't figured out how. So far I have been able to prove that this user has remotely logged into another host under that user's account... or at least that their workstation did. The /var/log/message file shows logins from their workstation as that user multiple times durring the times that these files were being deleted. There are wildcard searches for these files in the history in this host. There is a vi session initiated on this host for a file called delme (delete me) and then a chmod +x for this file. and then a deletion of this file (rm delme). Funny things: this user has no business in this acct. this user was bounced off the other host (permission denied) when trying to log into the other host and then as root logged into the other host as the other acct. repeatedly... ie. rsh -l xxx (permis den) then as root rsh -l xxx (logged in) why not su xxx and then rsh? password less acct?! why use root privs (which they sholuld not have) to log into a passwd less acct? Can't see any remote logins to their workstation from elsewhere. can't find smoking gun. no execution of delme script or any other rm /*/xxx/* sort of command that proves when file deletion of striped files happened?!
changing root passwd soon.need proof that no remote logins to a CentOS 5.3 workstation could be responsible.
Could mean someone gets fired.how can I be sure that no other users logged into this machine and then into another machine for sure?
I edited the passwd file to modify the default shell for root from bash to tcshnow when I try to login to root it gives me the following error:"su: /bin/tcsh : No such file or directory"
View 3 Replies View RelatedIn what cases would a user appear in /etc/shadow and not /etc/passwd
View 2 Replies View RelatedI am trying to write a remote access module. Is there any function in linux where I can give string (password entered by user) and compare it with the actual user password stored in /etc/shadow. Since the password is stored encrypted in /etc/shadow I cannot parse and compare. So I want some method to compare if my user entered the correct password..Is there any function for that..
View 6 Replies View Related[Code]....
Password: su: /bin/bash:/sbin: No such file or directory i cannot delete that entry from /etc/passwd as i cannot login as root.
Its 2 weeks i'm trying to configure freeradius2 on centos5 64bit after installed it from yum.all seems working, but i cant authenticate unix users.after digging in many sites its simply cant find user name and password ( ++[unix] returns notfound )Also how can i paste here all the radiusd -X log lines? i can't find any
radius.log file.
I have been working on Kerberos and Ldap Authentication on SUSE 11.3.
I was successful with Kerberos authentication and had no issue. then i moved to configure LDAP as i want to configure this authentication method for APACHE server.
Now after configuring ldap and pam, I am able to check the command 'getent shadow' with no issue and this command lists all the users of that OU too. but when i try getent passwd or getent group , it results nothing but local users.
we know that /etc/passwd - is a replica of /etc/passwd file and acts as a backup in any damage done to /etc/passwd file..i have observed a strange thing in RHEL 5.4....for example... if /etc/passwd has 100 accounts.. then /etc/passwd - is having only 99 accounts....when i add 101 useraccount with "useradd" then /etc/passwd has 101 accounts and /etc/passwd is having the 100th account of /etc/passwd - ..when i delete /etc/passwd and recover it with /etc/passwd - from runlevel 1 the lastly created user is not having his account after recovery.. what is the solution? this is same case even with /etc/shadow and /etc/shadow -
View 2 Replies View RelatedToday i was going through some of security guides written on linux .Under shadow file security following points were mentioned.1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.2)Usernames in shadow file must satisfy to all the same rules as usernames in /etc/passwd.3)password for application Username should display * if username is not locked.4)If a user is locked it should be displayed as ! as the first character in second field of shadow file.
Confusion for point 1 and 2:Now i m confused as why the encrypted password should be more than 14-25 characters.Also what rules to satisfy How to check it?Confusion for point 3 and 4:There are lot of users with * as second field i guess they are not locked but according to 4th point there are lot of users with ! as first characters.How would i check whether they are actually locked or not.I m posting the output of /etc/shadow and /etc/passwd files for the account.
I am just wondering what encryption method the shadow file uses, so that I may be able to manually change it. I ask this because I am trying to make a web page that will allow people to change their linux password via a browser.
View 4 Replies View RelatedWell we all know that it holds passwords. But cat-ing it gives out nothing. Not even encrypted gibberish. So how exactly is a password stored in this? Is this like a device file or something?
View 4 Replies View RelatedI was doing some experiment about resource-accessing. By mistake, I executed this command,$ sudo mv /etc/passwd /etc/passwd.bakThen I could not execute any command with privilege(eg. sudo mv /etc/passwd.bak /etc/passwd). When I shut the system down, I could not boot it any more.
View 2 Replies View RelatedI got a user account on a linux network. But when I look in the /etc/passwd file, I don't see my username there. Where would I find my username
View 3 Replies View RelatedUnfortunately i lost my passwd file...so who to recover that.
View 8 Replies View RelatedI would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)
View 7 Replies View Relatedwhen loggin as a normal user and search for a file passwd under /etc. i get few errors with permission denied.how to ignore this permission denied errors.
csh hostname 109 % find . -name passwd
find: ./lvm/backup: Permission denied
find: ./lvm/archive: Permission denied
[code]....
my debian laptop this morning ,saw that the update manager had updates..97 of them??? then when tried to view them the package manager freezes and becomes unresponsive. needed to do a few things and found my root password is NOT working. this all happened at the same time, i wonder if its related? have i been hacked? is this something new? cant reset root password (tried two methodeds with no luck) and cant view the updates altho i question 97 new updates are needed.
View 7 Replies View RelatedIs there anyway to have a different password for login and root? For example, my account is Bratu. I want a login password: ABCD and my root password: EFG
View 1 Replies View RelatedI have Red Hat version 4 I was trying to change the root password with the passwd command.I get the error passwd: PAM [dlerror: /lib64/security/sufficient: cannot open shared object file: No such file or directory] I have change the password before.
View 5 Replies View RelatedI have accidentally ended up in deleting my root directory while I blindly fired command while watching movie.
I fired following command
#rm -rf ~/<SPACE>*.out
instead of this command
#rm -rf ~/*.out
Things already done:
1) Created /root directory relogged to get some of basic settings of gnome and Desktop.
2) Things went well now when I login my desktop ,gnome environment and other things looks to be working well only prompt on my terminal has changed. I can fix it any ways.
Things I want to ask:
1) I haven't studied much about contents of /root directory to best of my knowledge is it like other user's home directory with some basic configuration files for mostly required applications. SO my question is have I lost any thing important system file or something?
2) If I have lost any important configuration or system data how can I recover it without reinstalling whole system? (My opinion about this is, It is quite possible but to do so, as far as I know capabilities of linux. But I still want comments from experts before I try any things on it because I don't want to backup my whole HDD and reinstall the whole stuff again for me and also my sister's stuff in MS.)
FC9 - Sulphur, x86, nothing fancy
Did an update (damn the unofficial repos!)
Found a problem with pam_passwdqc module.
Like the title says, I'm unable to change root's password.
I boot into singleuser mode, run passwd, get the
Code:
Boot into multiuser mode and I'm still unable to login.
Two questions:
1) Anyone have a 'default' /etc/pam.d/system-auth that I can replace with the system-auth that was obliterated by the pam_passwdqc update?
2) Any other ideas?
So I transfered a few folders with videos in them to the public folder on an Ubuntu 10.04 laptop I have from my Ubuntu 10.04 64bit laptop. When I wanted to delete the folder I didn't have permission so I ran "gksudo nautilus" so I could delete it as root. So I deleted the folder but I did not get the space back!
I went to /.local/Shared/Trash and one of the folders I deleted was there but deleting it didn't get that space back either.
I did some searching but most of what I find doesn't help or tells me to look in the folder /.local/Shared/Trash folder but that didn't help any.
I used the ext3 format when I formatted my partition prior to installing Ubuntu10.10. I had accidentally deleted a file and began the process to get it back. It wasn't critical but helpful to recover the file. To make a long story short I ran into to some unexpected road blocks. I tried to use PhotoRec to get the job done but with no success.
I'm just looking down the road in the event I might have to recover something important.If it would be better going back to the Fat32 file system I would rather do it sooner than later. Just as a side note I am dual booting between linux and windows.
Not able to login to a user account, even after clearing the password from root using passwd -d
[root@ivrsdb1_pnq /]# passwd -S oracle
Password locked.
[root@ivrsdb1_pnq /]# passwd -u -f oracle
Unlocking password for user oracle.
[code]....
we can save the users password in /etc/password file itself.then why a special file /etc/shadow is created to save the encripted password of users.
View 2 Replies View RelatedThe man page for rm says Quote:Note that if you use rm to remove a file, it is usually possible to recover the contents of that file. Do you know of a way to recover a file deleted with rm?
View 2 Replies View Relatedi am new to debian. I need to know after booting sequence login shell appears to get username and password. so what happens when user puts username and password ?? how this given username and password are matched with /etc/shadow file ??
my another question is what is role of /etc/pam.d/ authenticating username and password ?? does it work with shadow file or not ?