PDA

View Full Version : Any way to create a username with no password?



pushback
1st May 2006, 03:09 AM
Before everyone yells at me ...

I am building a fedora box on a virtual machine (VMware) on my laptop for a one-time class I am teaching on MySQL (demanded equal time since this generic "database" class is all in Microsoft Abscess). Everyone will be logging into the VM server with generic usernames (user0, user1 ...) and I just thought it would be nice to leave the passwords out.

ok ... so I tried the passwd utility--won't do it.

I tried removing the X between the colins in the passwd file, like so:

user0::100:100::/home/user0:/bin/bash

Still won't work.

Any ideas?

Simon Bridge
1st May 2006, 03:45 AM
Before everyone yells at me ...

I am building a fedora box on a virtual machine (VMware) on my laptop for a one-time class I am teaching on MySQL (demanded equal time since this generic "database" class is all in Microsoft Abscess). Everyone will be logging into the VM server with generic usernames (user0, user1 ...) and I just thought it would be nice to leave the passwords out.

ok ... so I tried the passwd utility--won't do it.

I tried removing the X between the colins in the passwd file, like so:

user0::100:100::/home/user0:/bin/bash

Still won't work.

Any ideas?OK - well I don't think you are doing your class any favours by leaving off the password. They may just get the idea that you don't need passwords in linux. Presumably you gave them a talk about security - why not reinforce the lesson.

Now - removing the x between the colons does that for me ... turns the password into a carriage return. What happens for you?

Then you could turn all the passwords into "user1" etc ... or a similar easy password like "a". You'd still be faced with pointing out that these are terrible passwords.

Simon Bridge
1st May 2006, 03:48 AM
Now - removing the x between the colons does that for me ... turns the password into a carriage return. What happens for you?


Have you tried removing the shadow password?

solarisman
1st May 2006, 03:51 AM
you need to do the same thing in /etc/shadow (if present)

ezzetabi
1st May 2006, 11:27 AM
or for a easy and GUI-guided version, start 'kcontrol' -> System Administration -> Login Manager -> Convenience
There is the possibility of activating password less logins. Just be sure your guest account isn't in any important group and also as root write:
find / -perm +002 -type d 2>/dev/null
to see if someone allows writing access for everyone. If it so, it is very dangeous keeping a passless login.

You know... everyone can login and write:
find / -perm +002 -type d -exec touch {}/Check\ your\ chmod\ better!!! \;2>/dev/null >~/logfile.txt