Re: Should I give passwords to server ids?
From: Wild Wizard (somebody@wildwizard.kicks-ass.org)Date: 10/15/02
- Next message: Nico Kadel-Garcia: "Re: ssh"
- Previous message: Marcel Weber: "Re: Use Windows 2000 User Authentication for Apache"
- In reply to: Sundial Services: "Should I give passwords to server ids?"
- Next in thread: Joerg Weilbier: "Re: Should I give passwords to server ids?"
- Reply: Joerg Weilbier: "Re: Should I give passwords to server ids?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Wild Wizard <somebody@wildwizard.kicks-ass.org> Date: Tue, 15 Oct 2002 01:20:00 GMT
Sundial Services wrote:
>
> After the aforementioned scare involving the user "news," I began to
> wonder.
>
> There are several user-ids associated with daemons. Some have a shell
> other than /false/ or /nolog/.
>
> What are the passwords to these daemon accounts? Are they predictable?
> Should they be changed? If so, what will break?
they have no passwords and you can not log onto those accounts in any normal
manor
from my /etc/shadow file (slackware 9beta1)
the password is * you cant logon to these accounts
bin:*:9797:0:::::
daemon:*:9797:0:::::
adm:*:9797:0:::::
lp:*:9797:0:::::
sync:*:9797:0:::::
shutdown:*:9797:0:::::
halt:*:9797:0:::::
mail:*:9797:0:::::
news:*:9797:0:::::
uucp:*:9797:0:::::
operator:*:9797:0:::::
games:*:9797:0:::::
ftp:*:9797:0:::::
smmsp:*:9797:0:::::
mysql:*:9797:0:::::
rpc:*:9797:0:::::
gdm:*:9797:0:::::
pop:*:9797:0:::::
nobody:*:9797:0:::::
--
He hadn't a single redeeming vice.
-- Oscar Wilde
- Next message: Nico Kadel-Garcia: "Re: ssh"
- Previous message: Marcel Weber: "Re: Use Windows 2000 User Authentication for Apache"
- In reply to: Sundial Services: "Should I give passwords to server ids?"
- Next in thread: Joerg Weilbier: "Re: Should I give passwords to server ids?"
- Reply: Joerg Weilbier: "Re: Should I give passwords to server ids?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
