Using chpass

[Ceri Davies]

On Mon, Aug 25, 2003 at 04:06:54PM -0500, Charles Howse wrote:
> > > Can someone please set me straight?
> > 
> > chpass -a "toor::0:0::0:0:Nobody Important:/root:/sbin/nologin" toor
> 
> Ahaaa!  The quotes!  Thank you!

Well, that, plus the fields for the change and expire times.

> > Note, however, that you're setting the password for this user 
> > to a null
> > password, allowing any local user in wheel to "su -m toor" if you have
> > added /sbin/nologin to /etc/shells.
> 
> Understood, if I wanted to keep the same password.....wait a
> minute....what is the default password for toor?

toor normally has a master.passwd entry of '*', meaning that password
authentication will always fail.

> If I wanted to insert a new password, I'd have to use crypt, and paste
> the encrypted password into the proper field, correct?
> 
> Proper syntax?  Crypt newpassword...?
> I read the crypt/enigma man page and did:
> # crypt newpassword
> (Nothing............................................)
> ^C
> #

crypt(1) is intended for obfuscating file contents really, not for generating
password hashes (for that, you'd want crypt(3)).

The simplest way to do it would be to either copy the current hash from
/etc/master.passwd, or originally use *, and then change it with passwd(1).

You can generate password hashes with simple scripts, but that's slightly
more involved than I want to go into at the moment (I'm cooking dinner!).

Ceri
-- 
User: DO YOU ACCEPT JESUS CHRIST AS YOUR PERSONAL LORD AND SAVIOR?
Iniaes: Sure, I can accept all forms of payment.
                                           -- www.chatterboxchallenge.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030825/5dbff419/attachment.bin