LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-03-2008, 10:29 AM   #1
powah
Member
 
Registered: Mar 2005
Distribution: FC, Gentoo
Posts: 276

Rep: Reputation: 30
change password without knowing current password


After logging as root, how to change the password for the user "admin: without knowing its current password?

# /usr/bin/passwd admin
Changing password for user admin.
Changing password for admin
(current) password:
passwd: Authentication token manipulation error
 
Old 06-03-2008, 10:42 AM   #2
marXtevens
LQ Newbie
 
Registered: Jan 2008
Location: Midwest USA
Distribution: Slackware, Fedora, RHEL, ...
Posts: 9

Rep: Reputation: 0
Changing Password

It would help (me) to have a couple of items of information:
  1. Version of Linux (Slackware, Ubuntu, Fedora).
  2. egrep 'root|admin' /etc/passwd
  3. Are you running SELinux?

You might also wish to look at the following:
http://www.linuxquestions.org/questi...on-error-2813/

... Mark

Last edited by marXtevens; 06-03-2008 at 10:51 AM.
 
Old 06-03-2008, 02:29 PM   #3
powah
Member
 
Registered: Mar 2005
Distribution: FC, Gentoo
Posts: 276

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by marXtevens View Post
It would help (me) to have a couple of items of information:
  1. Version of Linux (Slackware, Ubuntu, Fedora).
  2. egrep 'root|admin' /etc/passwd
  3. Are you running SELinux?

You might also wish to look at the following:
http://www.linuxquestions.org/questi...on-error-2813/

... Mark
Fedora Core 6 : kernel 2.6.18-1.2798.fc6

# egrep 'root|admin' /etc/passwd
root:x:0:0:root:/root:/bin/bash
admin:x:0:0:root:/root:/usr/comp/lush/lush
operator:x:11:0perator:/root:/sbin/nologin

How to find out whether SELinux is installed or running?
 
Old 06-03-2008, 03:04 PM   #4
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
My question is, Why do you have a user called admin with the same uid as root? That's just bad and opens this machine up to all kinds of security related issues. I'd like to know the reason behind this, if any? If it's for some application, I'd talk to the developers to rethink how they need to develop such application without needing an active account with root power across the whole system.

And you're probably getting the manipulation token error cause you have two uid's with the same value.

Bad bad bad.. in my opinion. When root changes a password, it usually will not prompt for the existing password, root is god, don't create other accounts with same UID as root with 0.
 
Old 06-03-2008, 03:28 PM   #5
powah
Member
 
Registered: Mar 2005
Distribution: FC, Gentoo
Posts: 276

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by trickykid View Post
My question is, Why do you have a user called admin with the same uid as root? That's just bad and opens this machine up to all kinds of security related issues. I'd like to know the reason behind this, if any? If it's for some application, I'd talk to the developers to rethink how they need to develop such application without needing an active account with root power across the whole system.

And you're probably getting the manipulation token error cause you have two uid's with the same value.

Bad bad bad.. in my opinion. When root changes a password, it usually will not prompt for the existing password, root is god, don't create other accounts with same UID as root with 0.

The admin account is a quick and dirty way to execute some privileged commands.
Besides using "sudo", are there alternatives?
 
Old 06-03-2008, 04:55 PM   #6
marXtevens
LQ Newbie
 
Registered: Jan 2008
Location: Midwest USA
Distribution: Slackware, Fedora, RHEL, ...
Posts: 9

Rep: Reputation: 0
More Than One root? Not a Good Idea.

Quote:
Originally Posted by powah View Post
Fedora Core 6 : kernel 2.6.18-1.2798.fc6

# egrep 'root|admin' /etc/passwd
root:x:0:0:root:/root:/bin/bash
admin:x:0:0:root:/root:/usr/comp/lush/lush
operator:x:11:0perator:/root:/sbin/nologin

How to find out whether SELinux is installed or running?
Having more that one username with the same userid is a dangerous activity, especially for root. Hence the purpose of sudo. To allow some people to run some commands that they could not otherwise use, AND track their use of sudo and the things they did (if you have accounting running (pacct)).

As root run the following:
if [ -e `which selinuxenabled` ] ; then `which selinuxenabled` ; if [ $? -eq 0 ] ; then echo "SELinux enabled" ; else echo "SELinux disabled" ; fi; else echo "SELinux not installed"; fi

Below is a really good tutorial on setting up sudo.
http://www.onlamp.com/pub/a/bsd/2002...y_Daemons.html

... Mark

Last edited by marXtevens; 06-03-2008 at 05:01 PM.
 
Old 06-05-2008, 03:30 PM   #7
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Quote:
Originally Posted by powah View Post
The admin account is a quick and dirty way to execute some privileged commands.
Besides using "sudo", are there alternatives?
Might be quick and dirty but add in insecure as well. You can easily implement sudo to run what you need without passwords, etc. If you're going to run a user with the UID of 0, basically making it another root user, you might as well just login and use root, there's no difference in what your doing except possibly security through obscurity, which never works and is not fool proof.
 
Old 06-07-2008, 12:17 AM   #8
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,049

Rep: Reputation: 378Reputation: 378Reputation: 378Reputation: 378
Quote:
Originally Posted by trickykid View Post
Might be quick and dirty but add in insecure as well. You can easily implement sudo to run what you need without passwords, etc. If you're going to run a user with the UID of 0, basically making it another root user, you might as well just login and use root, there's no difference in what your doing except possibly security through obscurity, which never works and is not fool proof.
Obscurity? The username is "admin" hehehehehe. So, nor even that.

Use sudo. By deleting the admin user you will also fix the "problem" that you created and this thread will be solved as well.
 
Old 06-11-2008, 02:21 PM   #9
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Quote:
Originally Posted by i92guboj View Post
Obscurity? The username is "admin" hehehehehe. So, nor even that.
Well, anyone in the Unix world all know root is god. I've seen plenty of accounts created as admin that aren't necessarily given anything close to root privileges. When I think of admin or administrator, I think of Windows.
 
Old 06-12-2008, 12:29 AM   #10
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,049

Rep: Reputation: 378Reputation: 378Reputation: 378Reputation: 378
Quote:
Originally Posted by trickykid View Post
Well, anyone in the Unix world all know root is god. I've seen plenty of accounts created as admin that aren't necessarily given anything close to root privileges. When I think of admin or administrator, I think of Windows.
Sure. But regardless, I don't think I am wrong if I say that 100% of the dictionary based attacks will try that word on an early stage. It's not that uncommon, and even if it can't guarantee root access, it's a good start.

Believe me, someone that short sighted as to set an user account called "admin" with a weak password that can be cracked, has probably made much more errors that will make the system vulnerable enough if you get to log with that user.

There's no obscurity in using "admin" as an user or root account as there's no obscurity in using an account name named "Joseph" either and putting your ID number as a password. But that's what a lot of people do. So, it's doesn't really matter if the "admin" user has root privileges or not (that's just a bonus that the eventual attacker will find and enjoy). The point is that, as you said, there's a lot of people that use "admin" for one purpose or another. So, it's a very common name to find on a name generator, and even in dictionaries for passwords (yeah, some people is that way).

As long as it's on the dictionary or it's close enough, there's no obscurity at all, because attackers don't care about what the user name is supposed to be. They can try lots of times on lots of computers, and the ip banning is not invulnerable. When it comes to security the best you can do is to put as many layers as possible in the middle.

That's why admins use tools like johntheripper to check the integrity of the passwords. A weak password is a way for an attacker to get into the system. Once you are there, if you are smart enough you can wait, watch, and find a way to scale privileges.
 
Old 06-12-2008, 05:45 AM   #11
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 53
Not really on topic ...
Quote:
Originally Posted by marXtevens View Post
Having more that one username with the same userid is a dangerous activity, especially for root
Quote:
Originally Posted by trickykid
My question is, Why do you have a user called admin with the same uid as root? That's just bad and opens this machine up to all kinds of security related issues.
Like what kind of security problem?

I have some machines here that have this.. hum.. feature.. And i vaguely remember that this is not good habit but more precisely what's the risk?

I'm not the admin but the admin created me this kind of UID 0 account. He said he doesn't want to install any packages.. like sudo... As I can now change he's root password, that's not very logical but that's not the point, I just want to know the real risk of having two same UID 0.

Thanks!

Last edited by nx5000; 06-12-2008 at 05:51 AM.
 
Old 08-10-2012, 12:34 PM   #12
irusvirus
LQ Newbie
 
Registered: Aug 2012
Posts: 1

Rep: Reputation: Disabled
sudo passwd

If you don't remember your password you might try to reset it using sudo passwd
All the best.
Íris
 
Old 08-11-2012, 03:11 PM   #13
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,049

Rep: Reputation: 378Reputation: 378Reputation: 378Reputation: 378
Quote:
Originally Posted by nx5000 View Post
Like what kind of security problem?
Two (or N) users with the same UID is truly better worded as "one user". For linux, users with the same UID are the same user, no matter if they have different passwords, homes or whatever else.

The file ownerships are stored by UID, not by user name. That means that any file belonging to a given UID will effectively belong to any number of users which have that same UID.

I will remind you that, in linux (and in generanl, in any POSIX OS) everything is a file, including device nodes, network sockets, pipes (you can start seeing what the implications are, aren't you?).

In other words: if "admin" is the same UID than "root", then "admin" IS "root". Effectively, handling the "admin" user the "root" password would be easier, and would save you one line in the passwords file. There are a few corner cases when this "feature" as you call it can be useful (or so some people think), but if you are asking here you are probably in one of those rare cases.

Anyway, read this, concretely 4.1.2.

http://www.diablotin.com/librairie/n...is/ch04_01.htm
 
Old 08-12-2012, 01:31 PM   #14
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
This thread is 4 years old.
 
1 members found this post helpful.
Old 10-04-2012, 06:05 AM   #15
Shahid nx
Member
 
Registered: Jan 2012
Posts: 41

Rep: Reputation: Disabled
If you go to a command line as root, you can change a users password by
issuing the following:
passwd username
You will be prompted for a new password for the user without asking current password.
 
  


Reply

Tags
passwd, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to change root password without knowing the grub password ramesh.mimit Red Hat 8 10-15-2011 06:12 AM
Can i get into linux without knowing a username or password? bmwatts1019 Linux - Security 13 12-11-2006 06:54 AM
change Root Password even if the password in the grub is also set sheelnidhi Linux - General 6 08-30-2006 08:27 AM
How can I change e-mail password(or linux account password) with php in website?? yusuf Programming 1 05-28-2004 10:39 AM


All times are GMT -5. The time now is 01:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration