On Thu, 18 Dec 2003 11:44:14 +0000 "Rhys John" <[EMAIL PROTECTED]> probably wrote:
> Both accounts are now active but i would like to remove the encrypted > password from master.passwd and replace it with a *. Is this possible with > "vipw"? > It doesn't matter what you use for editing your password files (at least for this point). If you have a `*' in your master.passwd, that means that direct console logins for that user are disabled. If you are so much embarassed about root having a password, you may use sudo (from ports) and allow a certain user to "sudo sh" to gain root priveleges, for instance. He (you as a user) will then have to enter his own password, not root's. This way, you exchange a cracker's job of cracking your root password for a job of cracking your user password, so it's not much more secure:). > Thanks for your reply hugle > > >From: hugle <[EMAIL PROTECTED]> > >Reply-To: hugle <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: Re: master.passwd -- securing > >Date: Thu, 18 Dec 2003 03:39:18 -0800 > > > >RJ> Ive been playing with "vipw" trying to change passwords into "*" for a > >RJ> slightly higher level of security but ran into some very big problems. > >RJ> From reading through the FreeBSD handbook it seemed all i had to do was replace > >RJ> the encrypted password with *, which is what i did. I thought it seemed > >RJ> bit odd but continued anyway. Foolishly (although i was quite tired) i did > >RJ> this to both my user account and root. So they both had * as their password > >RJ> and looked the same as every other entry in the file. I saved it and "vipw" > >RJ> updated the database so i thought all was well and logged off to check... > >RJ> big mistake! The net result of this was not good, i couldnt access my user > >RJ> account or root :( Anyway i had to cut the power to my PC since i couldnt > >RJ> shut it down because i was locked out. After that i went into single user > >RJ> mode and changed the passwords back and its working now but i cant hide the > >RJ> passwords. So i guess after all this rambling my question is how to i secure > >RJ> the password file? How do i change from the encrypted password to * without > >RJ> screwing over my system? Any help would by much appreciated > >try doing that: > >#Forget your root pw? > >1. Reboot. when you see the "boot" prompt, type boot -s and hit enter > >2. run this command: fsck -p / && mount -u / > >3. use the `passwd` command to set a password for root > >4. reboot, done > > > >hope that helps.. > > > > > >_______________________________________________ > >[EMAIL PROTECTED] mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >To unsubscribe, send any mail to > >"[EMAIL PROTECTED]" > > _________________________________________________________________ > Find a cheaper internet access deal - choose one to suit you. > http://www.msn.co.uk/internetaccess > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > -- DoubleF Violence is the last refuge of the incompetent. -- Salvor Hardin
pgp00000.pgp
Description: PGP signature
