Re: odd passwd problem.

To: debian-user@lists.debian.org
Subject: Re: odd passwd problem.
From: David Wright <deblis@lionunicorn.co.uk>
Date: Sat, 3 Aug 2019 10:56:38 -0500
Message-id: <[🔎] 20190803155638.3afhzhurf7tpnwys@wren.corp>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 201908031138.27288.gheskett@shentel.net>
References: <[🔎] 201908010628.17951.gheskett@shentel.net> <[🔎] 201908031032.02702.gheskett@shentel.net> <[🔎] 20190803150627.m4j4wjallwhl35iq@wren.corp> <[🔎] 201908031138.27288.gheskett@shentel.net>

On Sat 03 Aug 2019 at 11:38:27 (-0400), Gene Heskett wrote:
> On Saturday 03 August 2019 11:06:27 David Wright wrote:
> > On Sat 03 Aug 2019 at 10:32:02 (-0400), Gene Heskett wrote:
> > > On Saturday 03 August 2019 10:03:18 David Wright wrote:
> > > > On Fri 02 Aug 2019 at 22:41:00 (-0400), Gene Heskett wrote:
> > > > > On Thursday 01 August 2019 16:58:46 Gene Heskett wrote:
> > > > > > On Thursday 01 August 2019 10:20:57 Andrei POPESCU wrote:
> > > > > > > On Jo, 01 aug 19, 06:28:17, Gene Heskett wrote:
> > > > > > > > Debian-arm netinstall on a pi3b;
> > > > > > > >
> > > > > > > > No root pw set, I am housebroken to using sudo now.
> > > > > > > >
> > > > > > > > netinstall didn't install x anything although I thought I
> > > > > > > > was selecting xfce4, so my first action on the reboot was
> > > > > > > > to "sudo apt install xfce4". reboot, works, have x and 4
> > > > > > > > workspaces.
> > > > > > > >
> > > > > > > > Then "sudo apt install build-essential and buildbot,
> > > > > > > > cups". reboot, worked once, login normal. Then I plugged
> > > > > > > > in a 120GB ssd which had a bunch of src stuff on it I'll
> > > > > > > > need later and powered up again. Can't login, passwd no
> > > > > > > > good.  Dbl check, caps lock off, try again several times,
> > > > > > > > passwd no good.
> > > > > > >
> > > > > > > Maybe the SSD is drawing just enough additional current to
> > > > > > > mess with your keyboard. As already suggested, you could try
> > > > > > > removing it.
> > > > > >
> > > > > > Its a 5 amp switcher.
> > > > > >
> > > > > > > Also, since you're not worried about security you could try
> > > > > > > typing your password in the username field, to make sure the
> > > > > > > keyboard works as expected. Just don't press enter so the
> > > > > > > password is not logged ;)
> > > > > >
> > > > > > I've done that too, its displaying exactly what I typed.
> > > > >
> > > > > And I am being ignored. So here is a thought.
> > > >
> > > > Well, I didn't realise you were using a DM to login when I wrote
> > > > my first reply. As with the SSD, I would have you revert from a DM
> > > > to an ordinary VC login. But I know so little about DEs that I
> > > > don't know if that's possible. What does a DM buy you?
> > >
> > > A nice gui with lots of workspaces. Menu's to run stuff.
> >
> > Isn't that provided by the DE. What specifically does the DM do for
> > you?
> >
> > I run X and a WM, but I don't use them to login. Just a VC.
> >
> > > > > Someone has recently mentioned a new method of encrypting
> > > > > passwds. Is it possible that something in xfce4 has changed to
> > > > > the new method, but the passwd in the passwd file was encrypted
> > > > > with the older method, and that an ssh login is still useing the
> > > > > old method, so I can login remotely only? So possibly it might
> > > > > be fixed by an apt update/upgrade? Unforch, there is nothing to
> > > > > upgrade:
> > > >
> > > > AIUI passwords are not encrypted, they're hashed.
> > >
> > > And apparently each hash is unique? I've checked 4 machines here,
> > > and the shadow files entry for me is different on all 4 machines.
> >
> > That's because there are 4096 different values of salt that could have
> > been chosen.
> >
> > > > > copy/paste from a konsole logged into it.
> > > > >
> > > > > gene@picnc:~$ sudo apt update
> > > > > [sudo] password for gene:
> > > > > Get:1 http://security.debian.org/debian-security buster/updates
> > > > > InRelease [39.1 kB]
> > > > > Hit:2 http://deb.debian.org/debian buster InRelease
> > > > > Get:3 http://deb.debian.org/debian buster-updates InRelease
> > > > > [46.8 kB] Get:4 http://security.debian.org/debian-security
> > > > > buster/updates/main Sources [25.9 kB]
> > > > > Get:5 http://security.debian.org/debian-security
> > > > > buster/updates/main arm64 Packages [51.5 kB]
> > > > > Get:6 http://security.debian.org/debian-security
> > > > > buster/updates/main Translation-en [28.9 kB]
> > > > > Fetched 192 kB in 2s (81.9 kB/s)
> > > > > Reading package lists... Done
> > > > > Building dependency tree
> > > > > Reading state information... Done
> > > > > All packages are up to date.
> > > > > gene@picnc:~$
> > > > >
> > > > > But is that the proper list of repo's to query?
> > > >
> > > > Posting your sources.list would be more typical.
> > >
> > > but much more difficult to copy and chown to get it in the rights
> > > for kmail-trinity to attach or include. I have to copy them to
> > > someplace neutral, chown the perms, as my sshnet runs as me,
> > > specifically denies root, so once I can copy it across the cat5 to
> > > someplace in /home/gene on this machine, then I can attach or
> > > include it.
> >
> > I don't understand any of that.
> >
> > $ ls -l /etc/apt/sources.list
> > -rw-r--r-- 1 root root 981 Jan 20  2018 /etc/apt/sources.list
> > $
> >
> > But in any case, you can cat it and then copy/paste it,
> > as you just did, above, for apt update.
> >
> > > > > Or maybe its ssh thats using the new way, and xfce4 has not
> > > > > caught up. I haven't a clue whats changed, but it did work
> > > > > several times, then stopped.  Completely changing my passwd from
> > > > > this ssh login worked, I backed out and tried it, worked as
> > > > > expected from ssh, but is still rejected from its own keyboard,
> > > > > so I changed it back. ?? What library does that? Is there a
> > > > > version jump that arm did, but got miss installed?
> > > >
> > > > ssh has -v (up to 3 times) for monitoring its behaviour.
> > > >
> > > > But are you're sure you're not thinking of something like
> > > > LUKS1/LUKS2 rather than any change in passwd hashing (which might
> > > > be why you wrote "encrypting").
> > >
> > > Never touched LUKS, any version.
> >
> > In which case, can you quote your reference for where said person
> > mentioned it.
> >
> > Whether you've *used* LUKS is irrelevant. You might still have
> > *heard something* about it, and thought it was about passwd passwords.
> > I can recall things being written about VM here, but was it Virtual
> > Box, vbox, qemu, kvm, virt-manager—not having used any VM, my memory
> > doesn't distinguish between them.
> >
> > Cheers,
> > David.
> 
> LUKS shouldn't matter David, I've never used it in 20 years. However  I 
> just installed locate, updatedb, the locate luks spit out this:
> oot@picnc:~# locate luks
> /boot/efi/boot/grub/arm64-efi/luks.mod
> /boot/grub/arm64-efi/luks.mod
> /usr/lib/grub/arm64-efi/luks.mod
> 
> Could one of those be screwing with me?

No. I'm trying to eliminate LUKS from the conversation. What would be
more useful is to discover what you were talking about when you wrote
"Someone has recently mentioned a new method of encrypting passwds."
Or am I to spike it, along with
https://lists.debian.org/debian-user/2017/03/msg00208.html
and suchlike.

Cheers,
David.

Reply to:

Follow-Ups:
- Re: odd passwd problem.
  - From: Gene Heskett <gheskett@shentel.net>

References:
- odd passwd problem.
  - From: Gene Heskett <gheskett@shentel.net>
- Re: odd passwd problem.
  - From: Gene Heskett <gheskett@shentel.net>
- Re: odd passwd problem.
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: odd passwd problem.
  - From: Gene Heskett <gheskett@shentel.net>

Prev by Date: Re: odd passwd problem.
Next by Date: Re: Buster's Strange Behaviour Purging Firefox-esr
Previous by thread: Re: odd passwd problem.
Next by thread: Re: odd passwd problem.
Index(es):
- Date
- Thread