[ncolug] Re: /etc/shadow !! in password file

• From: "M. Knisely" <charon79m@xxxxxxxxx>
• To: "ncolug@xxxxxxxxxxxxx" <ncolug@xxxxxxxxxxxxx>
• Date: Thu, 20 Jun 2013 13:27:31 -0400

The basics is that a person deleted a bunch of service accounts on a VMware
ESX machine.  I need to recreate these service accounts.  The original
service accounts have in the /etc/shadow line for the user "!!" without the
quotes in the password section of that user's line.

After some help from Nosbig, we found that this is the standard value of a
created account that has never had a password on any RedHat or derivative
there of.  On the Debian based machines I was using as my test, the default
for them is just a simple "!" and not the double like RedHat does.

So, what I believe I need to do to re-create these accounts is this:

adduser -d / -s /sbin/nologin -r -u 99 nobody

So, this is going to create a user called nobody with a home of root and a
shell of /sbin/nologin.  Since the UID I need for this user falls below
500, I have to use the -r and then I can tell it to use the original UID of
99 using the -u command.

I'm testing this in the lab now and will post back the results.

Mike K.


On Thu, Jun 20, 2013 at 1:03 PM, Mike <bellyacres@xxxxxxxxx> wrote:

> On 06/20/2013 10:49 AM, M. Knisely wrote:
>
>> I know that the ! can mean that the password field is blank or
>> disabled... what I need to do is to use the passwd command to get it to
>> write a !! in the password field of /etc/shadow.
>>
>> Any suggestions?
>>
>> Mike K.
>>
>> PS:  Yes, I have googled it... extensively.
>> PPS:  Yes, I know I can, as root, edit /etc/shadow and do it manually.
>>  Trust me when I say that there are reasons I don't want to do that unless
>> I absolutely have to.
>>
>
> Here is a way....
>
> mike@tightrope:~$ apropos passwd
> chgpasswd (8)        - update group passwords in batch mode
> chpasswd (8)         - update passwords in batch mode
> Crypt::PasswdMD5 (3pm) - Provides interoperable MD5-based crypt() functions
> exim4_passwd (5)     - Files in use by the Debian exim4 packages
> exim4_passwd_client (5) - Files in use by the Debian exim4 packages
> gpasswd (1)          - administer /etc/group and /etc/gshadow
> grub-mkpasswd-pbkdf2 (1) - generate hashed password for GRUB
> lppasswd (1)         - add, change, or delete digest passwords.
> makepasswd (1)       - generate and/or encrypt passwords
> mkpasswd (1)         - Overfeatured front end to crypt(3)
> mksmbpasswd (8)      - formats a /etc/passwd entry for a smbpasswd file
> pam_localuser (8)    - require users to be listed in /etc/passwd
> passwd (1)           - change user password
> passwd (1ssl)        - compute password hashes
> passwd (5)           - the password file
> smbpasswd (5)        - The Samba encrypted password file
> smbpasswd (8)        - change a user's SMB password
> update-passwd (8)    - safely update /etc/passwd, /etc/shadow and
> /etc/group
> mike@tightrope:~$
>
> mike@tightrope:~$ man chpasswd
>
> mike@tightrope:~$ script
> Script started on Thu 20 Jun 2013 12:42:53 PM EDT
> mike@tightrope:~$ sudo adduser iputz
> [sudo] password for mike:
> Adding user `iputz' ...
> Adding new group `iputz' (1001) ...
> Adding new user `iputz' (1001) with group `iputz' ...
> Creating home directory `/home/iputz' ...
> Copying files from `/etc/skel' ...
> Enter new UNIX password:
> Retype new UNIX password:
> passwd: password updated successfully
> Changing the user information for iputz
> Enter the new value, or press ENTER for the default
>     Full Name []: Ima Putz
>     Room Number []:
>     Work Phone []:
>     Home Phone []:
>     Other []:
>     Other []:
> Is the information correct? [Y/n]
> mike@tightrope:~$ sudo grep iputz /etc/passwd /etc/shadow
> /etc/passwd:iputz:x:1001:1001:**Ima Putz,,,:/home/iputz:/bin/bash
> /etc/shadow:iputz:$6$vrgqeJNq$**GF2OckxPdW5eJvM/**
> Tu3avSBN73tT10e5VFhoH6MiRGcHOp**EumuMsbXOOrFsh0Gr0N3BLddMzYc5b**
> M8ggvFi4M0:15876:0:99999:7:::
> mike@tightrope:~$ echo 'iputz:!!' | sudo chpasswd -c NONE
> sudo grep iputz /etc/passwd /etc/shadow
> /etc/passwd:iputz:x:1001:1001:**Ima Putz,none,,:/home/iputz:/bin/**bash
> /etc/shadow:iputz:!!:15876:0:**99999:7:::
> mike@tightrope:~$ exit
> Script done on Thu 20 Jun 2013 12:51:23 PM EDT
> mike@tightrope:~$
>
>
>
> To unsubscribe send to ncolug-request@xxxxxxxxxxxxx with 'unsubscribe' in
> the Subject field.
>
>

• Follow-Ups:
  • [ncolug] Re: /etc/shadow !! in password file
    • From: Mike
  • [ncolug] Re: /etc/shadow !! in password file
    • From: Mike

• References:
  • [ncolug] /etc/shadow !! in password file
    • From: M. Knisely
  • [ncolug] Re: /etc/shadow !! in password file
    • From: Mike

Other related posts:

• » [ncolug] /etc/shadow !! in password file- M. Knisely
• » [ncolug] Re: /etc/shadow !! in password file- nor thern
• » [ncolug] Re: /etc/shadow !! in password file- Mike
• » [ncolug] Re: /etc/shadow !! in password file- Mike
• » [ncolug] Re: /etc/shadow !! in password file - M. Knisely
• » [ncolug] Re: /etc/shadow !! in password file- Mike
• » [ncolug] Re: /etc/shadow !! in password file- Mike
• » [ncolug] Re: /etc/shadow !! in password file- M. Knisely
• » [ncolug] Re: /etc/shadow !! in password file- Mike
• » [ncolug] Re: /etc/shadow !! in password file- Gary Sanders
• » [ncolug] Re: /etc/shadow !! in password file- M. Knisely
• » [ncolug] Re: /etc/shadow !! in password file- M. Knisely
• » [ncolug] Re: /etc/shadow !! in password file- Chuck
• » [ncolug] Re: /etc/shadow !! in password file- M. Knisely

1. Home
2. ncolug
3. Archive
4. 06-2013

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---