Hi,
On Fri, Nov 16, 2012 at 01:53:47PM -0600, Richard Owlett wrote:
Terho Uotila wrote:
Unless you want to try very minimal system you probably want shadow
passwords.
I do not understand.
Going by text displayed during the installation I had the
impression that shadow passwords were for those overly paranoid
about supposed incremental security advantages. My machines will
effectively be the ultimate in single user systems. I will be the
only one with physical access. They will have only occasional
restricted access to the internet over a dial up connection. It is
very unlikely that there will ever be a LAN among my machines. I do
not see that Debian even claims that shadow passwords *could* be of
any benefit to me ;/
1. Use of shadow is almost standard these days.
2. If your are attacked while you are using user account to access
internet, the use of shadow password gives you one thin but extra
layer of protection to protect your root account after your user
account is hacked.
3. Disabling shadow does not give you much speed or space. Configuring
system to odd configuration is usually not good idea since it is
tested less.
On Thu, 15 Nov 2012 11:04:21 -0600
Richard Owlett wrote:
2. Did not enable shadow passwords
(...)
3. Attempted "su", neither root nor user password accepted
You may have hit a bug.
Obviously there is a "bug".
The question is it me or Debian?
In this context, more likely Debian or its upstream.
I noticed a problem with disabling shadow
passwords some time back and I don't know if anyone has fixed it, as
(ahem) I haven't gotten around to reporting it yet...
For you I have such a deal.
I've submitted a bug [693464@bugs.debian.org] on which you may
comment.
This will be especially useful if the problem has been observed in
something later than version 6.0.5.
I recall (maybe wrongly) figuring out that when shadow passwords were
not enabled, installer still saved root password into shadow before
disabling it, or something on those lines.
I don't know. Though ~"3 score and 10", this is my first foray into
*nix.
Welcome and if you are newbie, stay within safe area :-)