Vincentg
asked on
ROOT access from remote computer.
Hello,
1. I just installed RedHat 5.2 Kernel 2.0.36 on my computer.
When I connect from a remote computer ROOT gives
invalid password but it is the right password.
2. How can I make a shadowed user. When I
make a new user the password is not shadowed.
Thanks for the help.
Vincent
1. I just installed RedHat 5.2 Kernel 2.0.36 on my computer.
When I connect from a remote computer ROOT gives
invalid password but it is the right password.
2. How can I make a shadowed user. When I
make a new user the password is not shadowed.
Thanks for the help.
Vincent
Redhat by default won't allow root access from another machine because it is a security hole. It is better to set up a user account and give that account permission to do the things you want to do.
ASKER
Okee thanks for the information swwelsh.
Vincent
Vincent
You can't login as root directly from another machine (or at least not without editing some config files. However, DON'T setup a user account with root permissions - that's just like having a root login available. Have a normal user account, and login using it, and then use the 'su' command to become root whenever you need extra privileges.
You should checkout the shadow-utils package. In that package are programs to convert the passwd (pwconv and pwunconv) and group (grpconv and grpunconv) files to and from shadowed form as well as other information pertaining to shadowing.
Oh yeah, I forgot to answer part 2). It sounds like you might be using some system to add users which doesn't know about shadowed passwords.
You should be able to just do it manually by editing /etc/passwd - just make sure you specify a * in the password field, and give the user a unique login and user id. The shadow passwords are likely to be in /etc/shadow, but you may need to check the filename on your system.
If you do use a program to create users, you can just copy the password it generates (from /etc/passwd) into /etc/shadow -- then just blank out the password in /etc/passwd with a *. This should do the trick.
You should be able to just do it manually by editing /etc/passwd - just make sure you specify a * in the password field, and give the user a unique login and user id. The shadow passwords are likely to be in /etc/shadow, but you may need to check the filename on your system.
If you do use a program to create users, you can just copy the password it generates (from /etc/passwd) into /etc/shadow -- then just blank out the password in /etc/passwd with a *. This should do the trick.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If the system has even several users, though, it's most unlikely you'll ever get the same psuedo tty number. I'd never make anything a secure device apart from the console.
Redhat 5.2 is setup to use shadow passwords but not by default. Please look at the man pages for the conversions programs that I mentioned in my earlier comment.