On 5/3/2012 9:31 PM, Chris Cappuccio wrote:
Mike Erdely [m...@erdelynet.com] wrote:
FYI: For a test, I added "foo" with useradd(8) and "bar" with adduser(8):
# grep -E "(foo|bar)" /etc/master.passwd
foo:*************:1002:1002::0:0::/home/foo:/bin/ksh
bar:*:1003:1003::0:0:bar:/home/bar:/bin/ksh
Looks like useradd does the right thing and adduser does not.
Maybe I missed the memo. When did thirteen asterisks start to mean anything
different than the single traditional asterisk? sshd/login tries to hash
against it but not * ?
For my specific case, it means something different to
/usr/libexec/security's daily run, and Mike Erdely pointed out adduser
and useradd have inconsistent behavior regarding the passwd file, which
was probably the root of my original confusion.
"Note that
there is nothing special about `*', it is just one of many characters
that cannot occur in a valid encrypted password (see crypt(3)).
Similarly, login accounts not allowing password authentication but
allowing other authentication methods, for example public key
authentication, conventionally have 13 asterisks in the password
field."
http://www.openbsd.org/cgi-bin/man.cgi?query=passwd&apropos=0&sektion=5&manpath=OpenBSD+Current&arch=i386&format=html
<http://www.openbsd.org/cgi-bin/man.cgi?query=passwd&apropos=0&sektion=5&manpath=OpenBSD+Current&arch=i386&format=html>
--
