1

login with any password

view story
linux-howto

http://stackoverflow.com – I am having a strange problem in the sense that one of the users in my server is able to login with any password whose first eight characters same as the actual password of the user. For example, if the actual password of a user is abcdefgh then login with abcdefgh as the password, as well as abcdefgh2002 or abcdefghijkl succeeds, but not with 2001abcdefgh. I am using PAM with shadow file. The user in concern has a hash of his password in /etc/shadow file, but it does not have any salt as far as i can see. I tried it with my own account, but did not result in successful login. (HowTos)

linuxletgo's picture
Submitted by linuxletgo on 01/31/2013

Stories similar to login with any password

I want to login as a different user in Gnome and not to run a single program only, but I don't know the users password, I don't want to know it and I don't want to change it, but I'm sudoer.

Is there any way to do so?

The best thing I could think, was to change the user's password but to keep the old shadow file. But this seems to me very ugly and also uncomfortable.

When I create a new user account I ask users to send me a public key, and want to force users to set the password the first time they log in with keypair authentication.

I reset the password for sa for ms sql 2008 R2.

I can login using Microsoft SQL Server Management Studio with the account sa with the new password.

However, when I go to update the servers (sharepoint) that uses the account, they get bad login (bad password) for sa.

I have tried multiple different ways to reset the sa password and restart the service, but so far no luck.

Why is it still giving

We have a test server that does allow challenge-response authentication. I don't want to disable that, but when I create a new user account I ask users to send me a public key, and want to force users to set the password the first time they log in with keypair authentication.

The user is set to login without a password. When trying to use that user to make a directory the user is asked to prvide a password. Since they don't have a password the system keeps rejecting them and denies them access to the command. Is there a default password that may be in use?

Every time I log in into Ubuntu a window comes titled "Unlock Login Keyring" and asks for some password. The problem is when I enter my password it doesn't accepts it.

What is login keyring? If it isn't asking about my user account password then which password is it asking about? I don't want to come it everytime I login. How do I make it go away?

On SPARC Solaris 10. I set the app account so it's expired. I also want it so not required to change password at first login, I can do this by removing the numbers after the password in /etc/shadow.

example using user1

The /etc/shadow file looks like this:

Code: user1:kOmcVXAImRTAY:0::::90:: Want it to be like this:

Code: user1:kOmcVXAImRTAY::::::: How can I do that via a script?

Yesterday evening I changed my password, using: Systems Settings >> User Accounts

But, this morning my new password is not accepted. In trying other solutions, I tried my old password which still allowed me to login.

Please can anyone give me reason why this happen, and how I can stop this happening?

I am using Ubuntu 11.10 which was working fine till today.

If I try to login using one of my user accounts it directs me back to the login screen, which is followed by a black screen.

I am sure the password I enter is correct because if the password is wrong it prompts "Invalid Password".

On the other hand I am able to login using a root or guest account.