[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: odd passwd problem.

On Sat 03 Aug 2019 at 10:32:02 (-0400), Gene Heskett wrote:
> On Saturday 03 August 2019 10:03:18 David Wright wrote:
> > On Fri 02 Aug 2019 at 22:41:00 (-0400), Gene Heskett wrote:
> > > On Thursday 01 August 2019 16:58:46 Gene Heskett wrote:
> > > > On Thursday 01 August 2019 10:20:57 Andrei POPESCU wrote:
> > > > > On Jo, 01 aug 19, 06:28:17, Gene Heskett wrote:
> > > > > > Debian-arm netinstall on a pi3b;
> > > > > >
> > > > > > No root pw set, I am housebroken to using sudo now.
> > > > > >
> > > > > > netinstall didn't install x anything although I thought I was
> > > > > > selecting xfce4, so my first action on the reboot was to
> > > > > > "sudo apt install xfce4". reboot, works, have x and 4
> > > > > > workspaces.
> > > > > >
> > > > > > Then "sudo apt install build-essential and buildbot, cups".
> > > > > > reboot, worked once, login normal. Then I plugged in a 120GB
> > > > > > ssd which had a bunch of src stuff on it I'll need later and
> > > > > > powered up again. Can't login, passwd no good.  Dbl check,
> > > > > > caps lock off, try again several times, passwd no good.
> > > > >
> > > > > Maybe the SSD is drawing just enough additional current to mess
> > > > > with your keyboard. As already suggested, you could try removing
> > > > > it.
> > > >
> > > > Its a 5 amp switcher.
> > > >
> > > > > Also, since you're not worried about security you could try
> > > > > typing your password in the username field, to make sure the
> > > > > keyboard works as expected. Just don't press enter so the
> > > > > password is not logged ;)
> > > >
> > > > I've done that too, its displaying exactly what I typed.
> > >
> > > And I am being ignored. So here is a thought.
> >
> > Well, I didn't realise you were using a DM to login when I wrote my
> > first reply. As with the SSD, I would have you revert from a DM to
> > an ordinary VC login. But I know so little about DEs that I don't
> > know if that's possible. What does a DM buy you?
> >
> A nice gui with lots of workspaces. Menu's to run stuff.

Isn't that provided by the DE. What specifically does the DM do for you?

I run X and a WM, but I don't use them to login. Just a VC.

> > > Someone has recently mentioned a new method of encrypting passwds.
> > > Is it possible that something in xfce4 has changed to the new
> > > method, but the passwd in the passwd file was encrypted with the
> > > older method, and that an ssh login is still useing the old method,
> > > so I can login remotely only? So possibly it might be fixed by an
> > > apt update/upgrade? Unforch, there is nothing to upgrade:
> >
> > AIUI passwords are not encrypted, they're hashed.
> And apparently each hash is unique? I've checked 4 machines here, and the 
> shadow files entry for me is different on all 4 machines.

That's because there are 4096 different values of salt that could have
been chosen.

> > > copy/paste from a konsole logged into it.
> > >
> > > gene@picnc:~$ sudo apt update
> > > [sudo] password for gene:
> > > Get:1 http://security.debian.org/debian-security buster/updates
> > > InRelease [39.1 kB]
> > > Hit:2 http://deb.debian.org/debian buster InRelease
> > > Get:3 http://deb.debian.org/debian buster-updates InRelease [46.8
> > > kB] Get:4 http://security.debian.org/debian-security
> > > buster/updates/main Sources [25.9 kB]
> > > Get:5 http://security.debian.org/debian-security buster/updates/main
> > > arm64 Packages [51.5 kB]
> > > Get:6 http://security.debian.org/debian-security buster/updates/main
> > > Translation-en [28.9 kB]
> > > Fetched 192 kB in 2s (81.9 kB/s)
> > > Reading package lists... Done
> > > Building dependency tree
> > > Reading state information... Done
> > > All packages are up to date.
> > > gene@picnc:~$
> > >
> > > But is that the proper list of repo's to query?
> >
> > Posting your sources.list would be more typical.
> 
> but much more difficult to copy and chown to get it in the rights for 
> kmail-trinity to attach or include. I have to copy them to someplace 
> neutral, chown the perms, as my sshnet runs as me, specifically denies 
> root, so once I can copy it across the cat5 to someplace in /home/gene 
> on this machine, then I can attach or include it.

I don't understand any of that.

$ ls -l /etc/apt/sources.list
-rw-r--r-- 1 root root 981 Jan 20  2018 /etc/apt/sources.list
$ 

But in any case, you can cat it and then copy/paste it,
as you just did, above, for apt update.

> > > Or maybe its ssh thats using the new way, and xfce4 has not caught
> > > up. I haven't a clue whats changed, but it did work several times,
> > > then stopped.  Completely changing my passwd from this ssh login
> > > worked, I backed out and tried it, worked as expected from ssh, but
> > > is still rejected from its own keyboard, so I changed it back. ??
> > > What library does that? Is there a version jump that arm did, but
> > > got miss installed?
> >
> > ssh has -v (up to 3 times) for monitoring its behaviour.
> >
> > But are you're sure you're not thinking of something like LUKS1/LUKS2
> > rather than any change in passwd hashing (which might be why you wrote
> > "encrypting").
> 
> Never touched LUKS, any version.

In which case, can you quote your reference for where said person
mentioned it.

Whether you've *used* LUKS is irrelevant. You might still have
*heard something* about it, and thought it was about passwd passwords.
I can recall things being written about VM here, but was it Virtual
Box, vbox, qemu, kvm, virt-manager—not having used any VM, my memory
doesn't distinguish between them.

Cheers,
David.
Reply to: