HPE Community
Operating System - HP-UX
1836596 Members
1593 Online
110102 Solutions
New Discussion

Null password

 
SOLVED
Go to solution
Rudi Martin
Advisor

‎03-17-2004 06:34 PM

‎03-17-2004 06:34 PM

Null password

Hi there people

I need to setup a user who , when loggin in with a certain username , won't need to put in a password , it just takes him directly to a menu.

How do I setup the no password feature ? I can assign a null password where you can only press enter , but I want to take it away.

Thanks
0 Kudos
Reply
8 REPLIES 8
Karthik S S
Honored Contributor

‎03-17-2004 06:46 PM

‎03-17-2004 06:46 PM

Solution

Re: Null password

edit /etc/passwd and remove the entries in the second field (separated by colons).

Ex:
karthi::101:20::/home/karthi:/sbin/sh

-Karthik S S
For a list of all the ways technology has failed to improve the quality of life, please press three. - Alice Kahn
Reply
Mark Grant
Honored Contributor

‎03-17-2004 06:56 PM

‎03-17-2004 06:56 PM

Re: Null password

Well, if the user connects via a serial terminal you might be able to do this by changing the login program for this user to a shell in /etc/inittab. I have never tried this myself though.

If the user connects via telnet I don't know how you would get a different login program running but someone else might.

Your problem is, that you are going to HAVE to hit return.

There is another option for you if the user is on a machine that supoprts "remsh" (rsh on most unixes and possibly rexec on Windows). If the user has a .rhosts file on the target machine in their home directory which contains the machine they a re coming from, they can get a shell without any login interuptions at all.
Never preceed any demonstration with anything more predictive than "watch this"
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎03-17-2004 09:31 PM

‎03-17-2004 09:31 PM

Re: Null password

Hi

An entry in passwd with a nul in the password field is a big security issue.

Is this a real user or just a user being created to carry out a specific task.

If a real user then put a password in his/her login and tell then it is too big a security issue.

Nul entries in the passwd field is one of the first things I look for during a security check.

If a psudo user then look at an alternative way of doing this.

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Rudi Martin
Advisor

‎03-17-2004 09:46 PM

‎03-17-2004 09:46 PM

Re: Null password

Hi Paula

It's a pseudo user. What alternatives can you recommend as I'm not too keen on this as well ?
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎03-18-2004 05:07 AM

‎03-18-2004 05:07 AM

Re: Null password

Hi

If a psudo users do you just requre a login to carry out a specific tas?, if so then login with password and task in the users .profile followed by an exit.

It all depend on what the user has to do once logged in.

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Michael Schulte zur Sur
Honored Contributor

‎03-18-2004 05:24 AM

‎03-18-2004 05:24 AM

Re: Null password

Hi Rudi,

be aware, that such a user also could do ftp!

greetings,

Michael
0 Kudos
Reply
Floyd Curtis
Frequent Advisor

‎03-18-2004 05:48 AM

‎03-18-2004 05:48 AM

Re: Null password

As others have said, you can null out the passwd entry in /etc/passwd but at the end of the line instead of the default shell have the full path name of your program/application. The first part of the app should disable signals to prevent breaks/interrupts during the applications execution. However, IMHO this is a definite security risk because you are bypassing much with no tracability. I would only consider this on a stand alone system with unimportant data unless much time is spend making the app bulletproof.

fwc
0 Kudos
Reply
Marvin Strong
Honored Contributor

‎03-18-2004 05:56 AM

‎03-18-2004 05:56 AM

Re: Null password

Another option may be to just use the menu program as the users shell.
You might need to put the menu program in /etc/shells.

mstrong:passwd:100:20::/home/mstrong:menu

but you should definately require a password of some type.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.