Quote:
Originally Posted by kinetik
I'm having an argument with one of my pals about whether a user would be able to gain access into Nix if his/ her account was created via "useradd -d /home/dummy -m -s /bin/bash -c "Dummy User" dummy".
Usually I'll set the password directly afterwards by doing a "passwd dummy" and entering the password. After that I know the user will be able to login.
Now the argument is that if no password was set afterwards via passwd, would the user be able to login? My stance is no. My pal says yes.
Am I right here or do I owe my friend a beer?
|
You get to keep your beer my friend.
If you use useradd with those options and not getting asked the questions, passwd is not invoked automatically for you like normal. If you do not invoke passwd after creating an account in that fashion, then the account will be locked until root issues a password. Therefore making the account unusable by anyone. (All logins will fail)
Here is some info you might find useful:
At anytime you can use
to lock any account other than root. It "scrambles" the entry in /etc/shadow to something ridiculous and unguessable, making the account unusable. If you want to restore the password to the value that existed before you locked it, you would issue
and the password is usable again. That probably wouldn't be very good in the case of a newly created account because you want some control over it. If you don't want to give the account a password at all, even after creating it, you would do:
This deletes whatever entry is in /etc/shadow for the dummy account. It doesn't matter if you never set the password (as in your question) or if it's locked or unlocked, the password is deleted and the login will not ask for a password.
If you feel a bit daring, there is a way to set the password with useradd:
Code:
useradd -p <passwd> dummy
If the -p option isn't there, then the default action is to lock the account. But the man page for useradd tells that <passwd> value is returned by the crypt function.
I'm not playing with that. But if you can figure it out let me know.
Enjoy that beer!
EDIT: All those commands as root... of course...