LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   User name restrictions (http://www.linuxquestions.org/questions/linux-newbie-8/user-name-restrictions-312024/)

AndeAnderson 04-11-2005 10:41 AM

User name restrictions
 
It is not critical, but it is a little frustrating.

When trying to set-up secure user names the only restriction I could find was that "it is recommended that the user name start with a lower case character".

But, when I try to set-up secure user names, which use a mix of lower and upper case characters, numbers and symbols I just get an error that the user name is invalid with the message that "the user name "must" (not should) start with a lower case character". Even after correcting this I got the same error message over and over. So, I had to remove all special characters and just use straight names for Linux to accept the user names.

That is not very secure. :scratch:

What restrictions are there in setting up user names? What symbols, ASCII characters, are not allowed? I do not see anything specified in the books and forums I have searched.

Is there a restriction in the length?

pfunk 04-11-2005 11:31 AM

I think you're allowed upper and lower case letters, hyphen, underscore and period for usernames in linux.

On most systems I've been on users' home directories are under /home and that directory has world read permission. so if i have an account on the system i can see most everyone's user name. so it wouldn't matter if they had "secure" usernames or not.

Now in terms of outside attacks to your system you're right ... having "secure" usernames is an extra level of security in some way. But I think forcing users to pick good passwords and making them change their passwords often ends up being just as strong.

Harmaa Kettu 04-11-2005 11:56 AM

Comment in the shadow password suite source code:
Code:

/*
 * User/group names must match [a-z_][a-z0-9_-]*
 */

It also accepts a dollar sign, but only as the last character of the username, probably because $letters means an environment variable in bash.

In my own LFS system, I have patched shadow password suite to accept uppercase letters. The only problem I have noticed is that Heroes of the Might and Magic 3 does not find my home directory because of an uppercase letter in directory name. Of course, that is a bug in HOMM3.

The maximum length of usernames seems to be 32 characters.

looseCannon 04-11-2005 02:01 PM

Quote:

Originally posted by pfunk
On most systems I've been on users' home directories are under /home and that directory has world read permission. so if i have an account on the system i can see most everyone's user name. so it wouldn't matter if they had "secure" usernames or not.
Not necessarily true. Keep in mind that a persons home directory doesn't have to be the same as their username. It can be anything. It's just common practice to make them the same.

Tinkster 04-11-2005 03:29 PM

Quote:

Originally posted by Harmaa Kettu
Code:

/*
 * User/group names must match [a-z_][a-z0-9_-]*
 */

In my own LFS system, I have patched shadow password suite to accept uppercase letters. The only problem I have noticed is that Heroes of the Might and Magic 3 does not find my home directory because of an uppercase letter in directory name. Of course, that is a bug in HOMM3.
[/B]
The shadow suite that comes with slackware will happily
accept uppercase and numbers in usernames ... the only thing
that DOESN'T accept them is the useradd program ... if I manually
edit /etc/passwd and /etc/shadow it's all good...


Cheers,
Tink


All times are GMT -5. The time now is 03:40 PM.