On Wed, Jun 25, 2008 at 04:42:25PM +0200, Dotan Cohen wrote: > 2008/6/25 Andrei Popescu <[EMAIL PROTECTED]>: > > Maybe it changed, but there used to be no password for the root > > account... > > > > https://help.ubuntu.com/community/RootSudo > > > > no, it hasn't changed. > > Nowhere does that document say that there is no password for root. > what it does say is this: > """By default, the root account password is locked in Ubuntu.""" > > There is a root password, but the user does not know it.
Typically, in unix-type systems, a "locked" account has no valid password. This is easily verified with (as root, of course) a simple `grep root /etc/shadow`: - If the field between the first and second colons contains 13 characters long and begins with two characters from: a-zA-Z0-9./ then root has a (known or unknown) password hashed with crypt (and you should probably upgrade to MD5 password hashes). - If this field is $1$ followed by 31 other characters, then root has a (known or unknown) password and is using MD5 hashes. - If this field has any other value (typically starting with * or !, although it doesn't need to), then there is no valid password for the account because no possible input could ever produce a hash which matches that value. In unix terminology, a "locked" account falls into the third category. Debian's passwd locks an active account (passwd -l username) by prepending a ! to the hash, making it unmatchable while also preserving the ability to unlock it (by removing the !) at a later date, but, e.g., Debian's daemon account is also considered "locked" with that field containing only a * which, again, creates the absence of any possible valid password. I expect this to also be true of the root password in a default Ubuntu install, but do not have an Ubuntu machine available to verify this. -- News aggregation meets world domination. Can you see the fnews? http://seethefnews.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
