HPE Community
Operating System - Linux
1833053 Members
2433 Online
110049 Solutions
New Discussion

Re: script to check for null passwords

 
Ragni Singh
Super Advisor

‎07-06-2005 03:50 AM

‎07-06-2005 03:50 AM

script to check for null passwords

Hello, does anyone have a script to share with me thats goes and checks for null passwords.

And also check for any user that has a GID of 0 except for root.

Thanks for the time and points will be assigned.
0 Kudos
Reply
5 REPLIES 5
Ivan Ferreira
Honored Contributor

‎07-06-2005 04:31 AM

‎07-06-2005 04:31 AM

Re: script to check for null passwords

Check ID=0

grep -v root /etc/passwd | awk -F ":" '$3 == 0 { print $1 }'

Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎07-06-2005 04:36 AM

‎07-06-2005 04:36 AM

Re: script to check for null passwords

I don't have a linux to test but i beleave that a null password has no password entry in /etc/shadow, so:

cat /etc/shadow | awk -F ":" '$2 == "" { print $1 }'


This could tell y you the username with null password.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Rick Garland
Honored Contributor

‎07-06-2005 04:37 AM

‎07-06-2005 04:37 AM

Re: script to check for null passwords

A couple of quick and dirty scripts

If you use the /etc/shadow file
cat /etc/shadow | awk -F: '{print $1, $2}'

This will list the 1st field and the 2nd field of the shadow file. If the 2nd field of the LOGNAME is blank, no passwd.


Other option is to use the passwd -S 'LOGNAME' command. This will give a verbose output of the passwd status for the account.

Example;
cat /etc/passwd | awk -F: '{print $1}' | while read line
do
passwd -S $line
done


For GID=0
cat /etc/group | awk -F: '{print $1, $3}'
This will list the LOGNAME and the GID value.


There are the GUI tools available as well that will allow you to look at the settings. No scripts required.

0 Kudos
Reply
Rick Garland
Honored Contributor

‎07-06-2005 04:48 AM

‎07-06-2005 04:48 AM

Re: script to check for null passwords

Additional note.

Those accounts with the !! characters, the account is locked. Cannot use this account to login. These accounts may be required for applications you may have and it is OK to have these accounts locked.

Personally, I like the passwd -S $LOGNAME

0 Kudos
Reply
Ragni Singh
Super Advisor

‎07-06-2005 05:19 AM

‎07-06-2005 05:19 AM

Re: script to check for null passwords

Thanks, points are assigned.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.