[lug] Users added during install with no password
bthoen at gisnet.com
Thu Jul 1 18:17:32 MDT 2004
On Thu, 1 Jul 2004, Zan Lynx wrote:
> On Thu, 2004-07-01 at 17:52, Bill Thoen wrote:
> > I recently installed RH 9.0 and noticed that the user named 'rpm' was
> > added in the process and assigned the /bin/bash shell... but no password.
> Are you sure it's blank? On my system, the rpm user has an "x" for a
> password in the /etc/passwd file and !! in the /etc/shadow file. An x
> is not a valid crypt or MD5 hash, so it really means the rpm user isn't
> allowed to log in at all. If you are using shadow passwords, an "x"
> means a shadow password; for those you look in /etc/shadow. Again, an
> invalid hash in /etc/shadow means the user isn't allowed to log in.
Ah, that's it then. I have two bangs in the password position for 'rpm' in
/etc/shadow and there I also see the encrypted passwords on the users I
know have passwords, and those look reassuringly complicated.
- Bill Thoen
More information about the LUG