[lug] Users added during install with no password
Neil Doane
caine at antediluvian.org
Fri Jul 2 07:22:55 MDT 2004
* Jeff Schroeder (jeff at neobox.net), on [07-01-04 16:59], wrote:
> Bill wrote:
>
> > I recently installed RH 9.0 and noticed that the user named 'rpm' was
> > added in the process and assigned the /bin/bash shell... but no
> > password. I assume this is normal and no big threat to security, but
> > is that right?
>
> Although I don't use RH (any more), I suspect that's correct. Look in
> the /etc/shadow file-- I assume RH uses shadow passwords-- and you
> should see some users with passwords, and others with an 'x' or bang:
>
> nobody:x:12598:0:99999:7:::
> jeff:jseCdKJfvLk:12598:0:99999:7:::
That's not your real hash is it? :)
Neil
> mysql:!:12598:0:99999:7:::
>
> The 'nobody' and 'mysql' accounts won't permit logins.
>
> HTH,
> Jeff
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
More information about the LUG
mailing list