Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 14
How come the "passwd" utility in most Linux distributions doesn't usually accept blank passwords? The one in Slackware Linux does accept blank passwords. it doesn't display the following errors: Code: ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Oct 2004
    Posts
    139

    how to make "passwd" accept blank passwords?


    How come the "passwd" utility in most Linux distributions doesn't usually accept blank passwords? The one in Slackware Linux does accept blank passwords.

    it doesn't display the following errors:
    Code:
    # passwd
    Changing password for user root.
    New UNIX password:
    BAD PASSWORD: it's WAY too short
    Retype new UNIX password:
    No password supplied
    No password supplied
    No password supplied
    
    passwd: Authentication token manipulation error

  2. #2
    Linux User
    Join Date
    Feb 2005
    Posts
    290
    edit your /etc/shadow by hand:

    [root@intra log]# cat /etc/shadow|more
    root:$1$iM/2lekk$rXUAcF5fY8ddLL.B1bkH63:12242:0:99999:7:::

    remove the second field so it becomes
    root::12242:0:99999:7:::

    pretty stupid root user..... :P

  3. #3
    Linux Enthusiast
    Join Date
    Feb 2005
    Location
    SE, Stockholm
    Posts
    512
    I think the Q was more of WHY and not HOW.

    This is set through your PAM modules.
    Either you have a file called /etc/pam.conf or you'll have a directory called /etc/pam.d where your current configuration is set.
    Browse through those files and read the manual pages to get a closer understanding how PAM works.
    (btw PAM == Pluggable Authentication Modules)

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Aug 2004
    Location
    UK
    Posts
    79
    In KDE (I can't give details since I'm not on my Linux box right now) you can change the log in so that either no password is necessary, or user names, or both! I tried it once but I've got so used to Linux security that even though boot ups were quicker I felt rather uneasy so I changed back to passwords and names.

  6. #5
    Just Joined!
    Join Date
    Aug 2004
    Location
    UK
    Posts
    79
    I'm now back where I feel comfortable.

    In KDE 3.2.3I can change the login by taking this path: Settings/Control Center/Security and Privacy/System Administration/Login Manager/Convenience.

  7. #6
    Linux User
    Join Date
    Jan 2005
    Location
    Arizona
    Posts
    288
    Swemic, I don't think Pat has given in on the PAM front, yet.

    As for why, I can see it being useful for a guest account. It would have to have extremely limited privileges, of course.
    Michael Salivar

    Man knows himself insofar as he knows the world, becoming aware of it only in himself, and of himself only within it.
    --Goethe

  8. #7
    Linux Enthusiast
    Join Date
    Feb 2005
    Location
    SE, Stockholm
    Posts
    512
    No, but PAM is the primary security handler in Linux distros now a days.
    The question was why ZERO length passwords is not accepted. And the solution is to get into the PAM configruation and change it.

  9. #8
    Linux Newbie
    Join Date
    Oct 2004
    Posts
    139
    Quote Originally Posted by adam7979
    edit your /etc/shadow by hand:

    [root@intra log]# cat /etc/shadow|more
    root:$1$iM/2lekk$rXUAcF5fY8ddLL.B1bkH63:12242:0:99999:7:::

    remove the second field so it becomes
    root::12242:0:99999:7:::

    pretty stupid root user..... :P
    A blank password is not the same as no password. With a blank password, you will still get something like "root:[something]:12242:0:99999:7:::", but when you get a password prompt, you only need to press [ENTER]. With no password, you will not get a password prompt at all.

  10. #9
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    Quote Originally Posted by adam7979
    edit your /etc/shadow by hand:

    [root@intra log]# cat /etc/shadow|more
    root:$1$iM/2lekk$rXUAcF5fY8ddLL.B1bkH63:12242:0:99999:7:::

    remove the second field so it becomes
    root::12242:0:99999:7:::
    if u wanna find out what a blank password would be, you need to know what encryption ur computer uses for the passwords eg, blowfish/MD5.

    Then u can use the tool to encrypt a blank password, and then put that blank encrypted password in to the 2nd field.
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  11. #10
    scm
    scm is offline
    Linux Engineer
    Join Date
    Feb 2005
    Posts
    1,044
    To me, a blank password is a string consisting of just the terminating NUL character. What characters are encrypted in a "blank" password to make it different? Do you space-fill the field? How many spaces?

    Steve

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •