Operating System - HP-UX

/etc/passwd not trusted and * mark for certain passwords

 
SOLVED
Daniel Aguirre
Occasional Advisor

/etc/passwd not trusted and * mark for certain passwords

Hi there, I want to know what the * mark means in some passwd accounts. I supposed that these marks were a result of converting the system to trusted, but now I don't have my system in trusted mode and I can still see these marks in some accounts.

Thanks in advance
kuinezco
A. Clay Stephenson
Acclaimed Contributor

Re: /etc/passwd not trusted and * mark for certain passwords

That is an intentionally impossible passwd hash and it has the effect of disabling the account. The '*' is the most common convention for disabling the account.
If it ain't broke, I can fix that.
Francisco J. Soler
Honored Contributor
Solution

Re: /etc/passwd not trusted and * mark for certain passwords

Hi,

These are special system users, needed for the system to work properly, but nobody has access to use them.

It is also possible that some software adds this kind of user in order to work, but once more, they are special users, not normal users.

Frank.
Linux?. Yes, of course.
Michael Tully
Honored Contributor

Re: /etc/passwd not trusted and * mark for certain passwords

The '*' indicates the account is disabled on a non-trusted system. On a trusted system all accounts have '*' in the password encryption field.

Regards
Michael
"When I have trouble spelling, it's called fat finger syndrome"
Anyone for a Mutiny ?
Bill Hassell
Honored Contributor

Re: /etc/passwd not trusted and * mark for certain passwords

As mentioned, it is an invalid password so login to the account is not possible. The * is historical, mostly because it is easier to see than other characters. Actually, any string less than 13 characters will do the same thing. You can replace * with DISABLED or GoAway or any other string 12 chars or less and no one can log in to that account. The reason is that the crypt function takes 1 to 8 characters, plus 2 'seed' characters, and forms a 13-character password. Since crypt is a one-way encryption, the only way to match a password is to run the same crypt function on the user's response. Then login just compares the two strings. Since crypt always produces a 13-char string, login will always fail if there are 12 or less. For Trusted Systems, a different algorithm is used (bigcrypt) which handles longer passwords.


Bill Hassell, sysadmin
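
An added example, not part of the original thread: a shell/awk audit that applies the rule from the reply above to passwd(4)-format lines, flagging fields that can never match a 13-character crypt result and, separately, empty fields. It assumes a non-trusted system with classic crypt hashes stored in /etc/passwd; the function names and the sample entries (including the hash-shaped string) are constructed for illustration, and the optional aging suffix after a comma is stripped before the length check.

```shell
#!/bin/sh
# classify_passwd: read passwd(4)-format lines on stdin, print "user STATUS".
#   HASH       13 characters from the crypt alphabet: a usable password hash
#   LOCKED     non-empty but shorter than 13 characters: can never match crypt
#   NOPASSWORD empty field: login without a password, worth reviewing first
#   OTHER      anything else (wrong length or alphabet): review by hand
classify_passwd() {
    awk -F: '
    /^#/ || NF < 7 { next }            # skip comments and malformed lines
    {
        field = $2
        sub(/,.*/, "", field)          # assumption: drop aging data after a comma
        if (field == "")
            status = "NOPASSWORD"
        else if (length(field) == 13 && field ~ "^[./0-9A-Za-z]+$")
            status = "HASH"
        else if (length(field) < 13)
            status = "LOCKED"
        else
            status = "OTHER"
        print $1, status
    }'
}

# Constructed sample entries; the 13-character string is not a real hash.
sample_passwd() {
    cat <<'EOF'
root:abJnggxhB/yWI:0:3::/:/sbin/sh
daemon:*:1:5::/:/sbin/sh
oldapp:DISABLED:101:20::/home/oldapp:/usr/bin/sh
guest::102:20::/home/guest:/usr/bin/sh
aged:abJnggxhB/yWI,..:103:20::/home/aged:/usr/bin/sh
EOF
}

sample_passwd | classify_passwd
```

To audit a live non-trusted system, run `classify_passwd < /etc/passwd` as a user who can read the file. On a trusted system every field is '*', so the result says nothing about which accounts are disabled.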