[SOLVED] user login without passwd

spiky0011 · 12-01-2011, 05:21 PM

Building blfs I,m setting up the user for blfs, is it possible for the user to login without the use of a password if so how?

Roken · 12-01-2011, 07:44 PM

Assuming that you are setting up a DE, it's possible, but as for how really depends on which DM you are building (gdm, kdm, lxdm, slim etc)

spiky0011 · 12-02-2011, 12:12 PM

So it,s not possible until I get a desktop, I only have the tty at the moment

druuna · 12-02-2011, 12:27 PM

Hi,

Code:

################################################################################
# Generate an MD5 hash for a string.
# Created to allow me to set a blank Linux password. Required this to create
# multiple VsFTP accounts with anonymous style credientials.
#
# If all you want is the MD5 Hash for NULL (blank password) here's one...
# $1$VNMbpxGH$sew7cnwH9ixU.x27UbFNn.
#
# Advice: If replacing a Linux password with a blank string, ensure you give 
# the user a shell of /sbin/nologin as you wouldn't want them to login!
################################################################################
# Load dependancies...
# perl -MCPAN -e 'install Crypt::PasswdMD5'
################################################################################

Replacing the second field in your /etc/shadow with the above bold part lets you login with an empty/blanck/NULL password (DO MAKE A BACKUP FIRST!)

Tried it and it works (doesn't feel good though.....)

Hope this helps.

Cedrik · 12-02-2011, 12:46 PM

You can also make an 'autologin' program, like :

autologin.c

Code:

#include <unistd.h>

int main() {
        execlp( "login", "login", "-f", "<your user>", 0 );
        return 0;
}

Replacing <your user> with your username,
compile as: gcc -o autologin autologin.c, copy it in /usr/sbin

The program agetty has the following options :
man agetty

Code:

       -l login_program
              Invoke the specified login_program instead of /bin/login.   This
              allows the use of a non-standard login program (for example, one
              that asks for a dial-up password or that uses a different  pass-
              word file).

       -n     Do not prompt the user for a login name. This  can  be  used  in
              connection with -l option to invoke a non-standard login process
              such as a BBS system. Note that with the -n option, agetty  gets
              no  input  from  user who logs in and therefore won't be able to
              figure out parity, character size, and newline processing of the
              connection.  It  defaults to space parity, 7 bit characters, and
              ASCII CR (13) end-of-line character.  Beware  that  the  program
              that agetty starts (usually /bin/login) is run as root.

So in /etc/inittab, replace the line for the first tty:

1:2345:respawn:/sbin/agetty tty1 9600

with:
1:2345:respawn:/sbin/agetty -n -l /usr/sbin/autologin tty1 9600

This way no need to modify /etc/passwd
This will auto login in username account without password after booting the OS

spiky0011 · 12-02-2011, 01:08 PM

Although you said it dosn't feel good is this not how Ubuntu suse etc let you set it up. If a user has no password will that affect if he wanted to have root privilages (sudo). I was also looking at no login as root but using the sudo option, I know it gives it a "commercial feel". I am only looking at the options at the moment

druuna · 12-02-2011, 01:20 PM

Hi,

Quote:

Originally Posted by spiky0011

Although you said it dosn't feel good is this not how Ubuntu suse etc let you set it up. If a user has no password will that affect if he wanted to have root privilages (sudo).

I never tried a password-less user myself (feels to weird...) and cannot tell you if the method I posted has any side-effects.

I assume that if you set up sudo so that no password is needed it will work, not sure about an empty password (you can always try

).

Quote:

I was also looking at no login as root but using the sudo option, I know it gives it a "commercial feel". I am only looking at the options at the moment

Sudo can be configured in many different ways and is a good alternative. I personally don't use sudo at home, but I am enforcing it at work; Too many developers and tester think they need full blown root access while they don't need it. What they need is access to a few commands that need root access and sudo is perfect for things like that.

Cedrik · 12-02-2011, 03:52 PM

I did the autologin config like above in the computer of my old dad

Security wise, it requires physical access to use his computer without password, and at limited user privileges, it is good enough to me

spiky0011 · 12-02-2011, 04:27 PM

I did like the idea of the auto login. I presume that I can still give the user a password and auto login so as to setup sudo

Cedrik · 12-02-2011, 04:45 PM

Quote:

Originally Posted by spiky0011

I did like the idea of the auto login. I presume that I can still give the user a password and auto login so as to setup sudo

In my config, yes. It just auto logins in the first tty right after the boot. I set default runlevel to 3 in inittab, so I put a startx in the .bash_profile of the user to boot directly in X

.bash_profile

Code:

if [[ -z $DISPLAY && $(tty) = /dev/tty1 ]]; then
  startx
fi

If it doesn't work, check tty with tty command output

spiky0011 · 12-02-2011, 05:04 PM

Thks for the help I will try this when I get there. I,ll leave it unsolved for now might need some more help.

spiky0011 · 12-03-2011, 05:49 PM

Thks that worked a treat thks for the help. Hope this Thread helps others