Re: Non-existent user able to log in??? hacked????

Tue, 18 May 2004 19:19:23 -0500 

Greetings,

It's been a long time, but IIRC, the NIS uses it's own dbm files which are
built from those in /etc. The test account must have existed when you set
it up.

G'day,
sjames

-------------------------steven james, director of research, linux labs
... ........ ..... ....                    230 peachtree st nw ste 2701
the original linux labs                             atlanta.ga.us 30303
      -since 1995                              http://www.linuxlabs.com
                                              office & fax 866.545.6306
-----------------------------------------------------------------------


On Wed, 19 May 2004, A. Loonstra wrote:

> Jeremy Melanson wrote:
>
> > Hi Arnaud.
> >
> > The first things I'd check are:
> >
> > * Are the passwd, group, and shadow entries in your "/etc/nsswitch.conf"
> > configured correctly?
> >
> > * If you have NIS installed on your machine, issue "/etc/init.d/nis
> > stop" and "/etc/init.d/portmap stop" commands. Then see if you can still
> > log in as the 'test' user. If you don't need it, consider uninstalling
> > NIS.
> >
> > * Can you change the password for user 'test' while logged in as root?
> >
> > * What do your "/etc/pam.d/ssh" and "/etc/pam.d/ftpd" files look like?
> >
> > Hope this helps :-)
> >
> > -----
> > Jeremy
> >
>
> Yep, that helped bigtime... I've shutdown NIS and I'm not able to login
> as test anymore.
>
> When I start NIS again I am able to logon as test.
> ypcat passwd reveals the existance of the test account and also explains
> why it is mapped against the particular local existent user. ypcat
> shadow.byname also reveals the password for test.
>
> Question remains why NIS is doing this, or what I am doing wrong. I did
> setup this server the serve some linux workstations as a test. I guess I
> underestimated NIS thinking it would just use shadow and passwd from /etc.
>
> this is my nsswitch:
> passwd:         compat
> group:          compat
> shadow:         compat
>
> hosts:          files dns
> networks:       files
>
> protocols:      db files
> services:       db files
> ethers:         db files
> rpc:            db files
>
> netgroup:       nis
>
> Arnaud.
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>

Reply via email to