how to make "passwd" accept blank passwords?

**user222** · 03-21-2005

How come the "passwd" utility in most Linux distributions doesn't usually accept blank passwords? The one in Slackware Linux does accept blank passwords.

it doesn't display the following errors:

Code:

# passwd
Changing password for user root.
New UNIX password&#58;
BAD PASSWORD&#58; it's WAY too short
Retype new UNIX password&#58;
No password supplied
No password supplied
No password supplied

passwd&#58; Authentication token manipulation error

**adam7979** · 03-21-2005

edit your /etc/shadow by hand:

[root@intra log]# cat /etc/shadow|more
root:$1$iM/2lekk$rXUAcF5fY8ddLL.B1bkH63:12242:0:99999:7:::

remove the second field so it becomes
root::12242:0:99999:7:::

pretty stupid root user..... :P

**swemic** · 03-21-2005

I think the Q was more of WHY and not HOW.

This is set through your PAM modules.
Either you have a file called /etc/pam.conf or you'll have a directory called /etc/pam.d where your current configuration is set.
Browse through those files and read the manual pages to get a closer understanding how PAM works.
(btw PAM == Pluggable Authentication Modules)

**sealfood** · 03-21-2005

In KDE (I can't give details since I'm not on my Linux box right now) you can change the log in so that either no password is necessary, or user names, or both! I tried it once but I've got so used to Linux security that even though boot ups were quicker I felt rather uneasy so I changed back to passwords and names.

**sealfood** · 03-22-2005

I'm now back where I feel comfortable.

In KDE 3.2.3I can change the login by taking this path: Settings/Control Center/Security and Privacy/System Administration/Login Manager/Convenience.

**Ethyriel** · 03-22-2005

Swemic, I don't think Pat has given in on the PAM front, yet.

As for why, I can see it being useful for a guest account. It would have to have extremely limited privileges, of course.

**swemic** · 03-22-2005

No, but PAM is the primary security handler in Linux distros now a days.
The question was why ZERO length passwords is not accepted. And the solution is to get into the PAM configruation and change it.

**user222** · 04-02-2005

Originally Posted by adam7979

edit your /etc/shadow by hand:

[root@intra log]# cat /etc/shadow|more
root:$1$iM/2lekk$rXUAcF5fY8ddLL.B1bkH63:12242:0:99999:7:::

remove the second field so it becomes
root::12242:0:99999:7:::

pretty stupid root user..... :P

A blank password is not the same as no password. With a blank password, you will still get something like "root:[something]:12242:0:99999:7:::", but when you get a password prompt, you only need to press [ENTER]. With no password, you will not get a password prompt at all.

**sdousley** · 04-02-2005

Originally Posted by adam7979

edit your /etc/shadow by hand:

[root@intra log]# cat /etc/shadow|more
root:$1$iM/2lekk$rXUAcF5fY8ddLL.B1bkH63:12242:0:99999:7:::

remove the second field so it becomes
root::12242:0:99999:7:::

if u wanna find out what a blank password would be, you need to know what encryption ur computer uses for the passwords eg, blowfish/MD5.

Then u can use the tool to encrypt a blank password, and then put that blank encrypted password in to the 2nd field.

**scm** · 04-05-2005

To me, a blank password is a string consisting of just the terminating NUL character. What characters are encrypted in a "blank" password to make it different? Do you space-fill the field? How many spaces?

Steve

Thread Tools

Display

how to make "passwd" accept blank passwords?

Posting Permissions