sct@alpha.lanl.gov (Stephen Tenbrink) (09/01/89)
I'm puzzled. We have a NeXt system with a password for 'root'. I must enter a password when I type 'su' and when I login as 'root'. The problem is that the passwd file has no encrypted password entry for 'root'. It does have encrypted passwords for all the users. What I want to know is: where is the encrypted password kept for root? Another problem is that I can login as 'root' from the console but when I try to telnet from another workstation and login as root I can't do it. Someone suggested that there is a security feature that only allows logins for root to occur at certain terminals (in this case the console). Is that true?
dz@mango.ucsb.edu (Daniel James Zerkle) (09/02/89)
In article <960@alpha.lanl.gov> sct@alpha.lanl.gov (Stephen Tenbrink) writes: >I'm puzzled. We have a NeXt system with a password for 'root'. I must >enter a password when I type 'su' and when I login as 'root'. The problem >is that the passwd file has no encrypted password entry for 'root'. It >does have encrypted passwords for all the users. What I want to know is: >where is the encrypted password kept for root? Everybody gets messed up on this one at least once. The NeXT does not use the passwd, group, or several other files present in /etc. There is a system called NetInfo that takes care of this information. Consult the Digital Librarian to learn more. >Another problem is that I can login as 'root' from the console but when >I try to telnet from another workstation and login as root I can't do it. >Someone suggested that there is a security feature that only allows logins >for root to occur at certain terminals (in this case the console). >Is that true? That is very true. There is a file called /etc/ttys. It has information about all the tty lines. The word "secure" must be at the end of each text line on which root can log in. Two more quirks that you are sure to find: Not only MUST you be in the wheel group to su root, but if you are, you can type your own password to become root, and never know the root password. Also, your group information must be set in the netinfo system (not the /etc/group file) so that you will be in the wheel group. -Dan | Dan Zerkle home:(805) 968-4683 morning:961-2434 afternoon:687-0110 | | dz@cornu.ucsb.edu dz%cornu@ucsbuxa.bitnet ...ucbvax!hub!cornu!dz | | Snailmail: 6681 Berkshire Terrace #5, Isla Vista, CA 93117 | | Disclaimer: If it's wrong or stupid, pretend I didn't do it. |