Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Why would you want a user without an actual password? That's just opening up all kinds of trouble if this machine is on the internet or a network. Why not setup a password for the user but have them autologin, but only if they are locally on the machine, etc? Search the forums, its asked all the time.
Well I just took a linux course and I read that if you create a new user with no password, it is disabled until a password is added so I don't know how you can work around that.
On the contrary, what is impolite is wasting people's time trying to dissuade them from their purpose instead of answering the question asked. If you can't/don't want to answer the question, just leave it alone.
I don't mind seeing cautionary advice following useful information, but am sick of reading, all over the net, worthless "answers" to simple questions. The OP didn't ask for security advice or whether what he wanted to do was a good idea. If people only ever tried things that everybody else thought were good ideas, where would we be?
In fact, there are instances in which is makes good sense to create a user with no password and control login with ssh keys. I use this technique on several production systems. Not to mention private or research environments (e.g. private LANs or virtual-machine networks) where security simply isn't an issue.
There is a hack to do this which works. Replace the user's /etc/shadow password entry with this string...
$1$VNMbpxGH$sew7cnwH9ixU.x27UbFNn.
...e.g...
anon1:$1$VNMbpxGH$sew7cnwH9ixU.x27UbFNn.:14284:0:99999:7:::
I also had to do this because I wanted an FTP user that didn't have to enter a password. I could have used anonymous, but I needed a few user's like this. I highly recommend you set a shell of /sbin/nologin (in /etc/passwd) for such a user, e.g..
anon1:x:6513:6513:Anonymous FTP User NoPass:/home/qvtest:/sbin/nologin
NOTE: The above string was generated by this script...
#!/usr/bin/perl
################################################################################
# Generate an MD5 hash for a string.
# Created to allow me to set a blank Linux password. Required this to create
# multiple VsFTP accounts with anonymous style credientials.
#
# If all you want is the MD5 Hash for NULL (blank password) here's one...
# $1$VNMbpxGH$sew7cnwH9ixU.x27UbFNn.
#
# Advice: If replacing a Linux password with a blank string, ensure you give
# the user a shell of /sbin/nologin as you wouldn't want them to login!
################################################################################
# Load dependancies...
# perl -MCPAN -e 'install Crypt::PasswdMD5'
################################################################################
use strict;
use Crypt::PasswdMD5 qw(unix_md5_crypt);
my @salt = ( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' );
my %encrypted;
sub abort {
print "ABORT: $_[0]\n";
exit 1
}
sub gensalt { #------------------------------------------------------------
# uses global @salt to construct salt string of requested length
my $count = shift;
my $salt;
for (1..$count) {
$salt .= (@salt)[rand @salt];
}
return $salt;
} # end gensalt
sub get_encryptedpw { #--------------------------------------------------
my $unencrypted="$_[0]";
# generate traditional (weak!) DES password, and more modern md5
$encrypted{des} = crypt( $unencrypted, gensalt(2) );
$encrypted{md5} = unix_md5_crypt( $unencrypted, gensalt(8) );
return %encrypted;
}
################################################################################
print "Enter password string to encrypt (can be blank) : ";
my $password = <STDIN>;
chomp $password;
get_encryptedpw($password);
print "Plaintext \"$password\" = MD5 Hash: $encrypted{md5}\n";
print "\nReplace the /etc/shadow password string with the above to force pass change\n";
Haha, If you had asked me earlier I would thought it was not possible. I guess as our fellow here said everything is possible with Linux you just have to digg deep enough .
...if only it were that easy. That just locks the account. You can't login. You need to fool the system into accepting a blank password.
By the way, you can only use a blank password with services like FTP/telnet. If you wanted to use a blank password with SSH, you'd need to add "PermitEmptyPasswords yes" to /etc/sshd_config. Having said that, you should be using SSH keys if you want promptless access over SSH. Basically avoid 'no password' accounts if you give the user a shell!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
