[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Password problem confirmed as repeatable - was [Re: Newbie password problem(s)]


On Fri, Nov 16, 2012 at 01:53:47PM -0600, Richard Owlett wrote:
> Terho Uotila wrote:
> >Unless you want to try very minimal system you probably want shadow
> >passwords.
> I do not understand.
> Going by text displayed during the installation  I had the
> impression that shadow passwords were for those overly paranoid
> about supposed incremental security advantages. My machines will
> effectively be the ultimate in single user systems. I will be the
> only one with physical access. They will have only occasional
> restricted access to the internet over a dial up connection. It is
> very unlikely that there will ever be a LAN among my machines. I do
> not see that Debian even claims that shadow passwords *could* be of
> any benefit to me ;/

1. Use of shadow is almost standard these days.

2. If your are attacked while you are using user account to access
   internet, the use of shadow password gives you one thin but extra
   layer of protection to protect your root account after your user
   account is hacked.

3. Disabling shadow does not give you much speed or space.  Configuring
   system to odd configuration is usually not good idea since it is
   tested less.

> >On Thu, 15 Nov 2012 11:04:21 -0600
> >Richard Owlett wrote:
> >
> >>2. Did not enable shadow passwords
> >>(...)
> >>3. Attempted "su", neither root nor user password accepted
> >
> >You may have hit a bug.
> Obviously there is a "bug".
> The question is it me or Debian?

In this context, more likely Debian or its upstream.
> >I noticed a problem with disabling shadow
> >passwords some time back and I don't know if anyone has fixed it, as
> >(ahem) I haven't gotten around to reporting it yet...
> For you I have such a deal.
> I've submitted a bug [693464@bugs.debian.org] on which you may
> comment.
> This will be especially useful if the problem has been observed in
> something later than version 6.0.5.
> >
> >I recall (maybe wrongly) figuring out that when shadow passwords were
> >not enabled, installer still saved root password into shadow before
> >disabling it, or something on those lines.
> I don't know. Though ~"3 score and 10", this is my first foray into
> *nix.

Welcome and if you are newbie, stay within safe area :-)
Do not try to do something complicated before getting system understood.

> >I could fix my installation at the time by going into single user mode
> >and changing root password, after which it worked correctly.
> I don't understand that.

I did not know this but passwd package ships command called
shadowconfig.  Use "shadowconfig on".  

See "man shadowconfig" and  /usr/share/doc/passwd/README.Debian for more.
(If you installed from CD, you may alternatively reinstall system ...)

By the way, we have some basics for use as:

Good luck,


Reply to: