[lug] Users added during install with no password

Bill Thoen bthoen at gisnet.com
Thu Jul 1 18:17:32 MDT 2004

On Thu, 1 Jul 2004, Zan Lynx wrote:

> On Thu, 2004-07-01 at 17:52, Bill Thoen wrote:
> > I recently installed RH 9.0 and noticed that the user named 'rpm' was
> > added in the process and assigned the /bin/bash shell... but no password. 
> Are you sure it's blank?  On my system, the rpm user has an "x" for a
> password in the /etc/passwd file and !! in the /etc/shadow file.  An x
> is not a valid crypt or MD5 hash, so it really means the rpm user isn't
> allowed to log in at all.  If you are using shadow passwords, an "x"
> means a shadow password; for those you look in /etc/shadow.  Again, an
> invalid hash in /etc/shadow means the user isn't allowed to log in.

Ah, that's it then. I have two bangs in the password position for 'rpm' in
/etc/shadow and there I also see the encrypted passwords on the users I 
know have passwords, and those look reassuringly complicated. 


- Bill Thoen

More information about the LUG mailing list