Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-11-2005, 06:42 PM   #1
LQ Newbie
Registered: Apr 2002
Distribution: Linux
Posts: 14

Rep: Reputation: 0
shadow password - password field

What is the difference between the "!" character and the "*" character in the encrypted password field in the shadow password file.

I have both and there must be a reason, but the only information I can find is that it disables the password.

Does it really mean login?

Old 02-11-2005, 08:01 PM   #2
Senior Member
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
Either of those characters in the password field in /etc/shadow would disable the login.
Old 02-11-2005, 09:05 PM   #3
LQ Newbie
Registered: Apr 2002
Distribution: Linux
Posts: 14

Original Poster
Rep: Reputation: 0
I noticed that you can still "su" to those users.

I am just worried about user's who are reallly processes.

Is one character preferred over the other?
Old 11-15-2005, 06:17 PM   #4
LQ Newbie
Registered: Sep 2005
Posts: 4

Rep: Reputation: 0
Isn't there anyone who knows what really is the difference between a '*' and a '!' ???

It seems that piece of information isn't going to be easily found.
Old 11-15-2005, 07:52 PM   #5
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
As far as I know, the '*' is standard.

edit: I take it back. I am not sure why '!' is used in some instances. Probably something a sufficiently motivated person (read: not me) could learn about on google.

Last edited by anomie; 11-15-2005 at 07:54 PM.
Old 11-16-2005, 01:34 AM   #6
Registered: Sep 2002
Location: Cincinnati
Distribution: Debian GNU/Linux
Posts: 310

Rep: Reputation: 31
If you're worried about people using su to set user to a different account, set the other accounts to have the shell /dev/null. See this post --

To answer your bang vs any question, my system can't tell the difference.
Old 11-16-2005, 02:12 AM   #7
LQ Newbie
Registered: Sep 2005
Posts: 4

Rep: Reputation: 0
This is true that every account disabled with a '!' has /bin/false in its default shell field exept fetchmail actually (using Ubuntu linux breezy badger).
See below 2 lines from my /etc/passwd file:


So i'm not sure whether or not i should set /bin/false to fetchmail.

Anyway this is off topic.

And i did a quick googling but i did not find anything. It seems that there is so much information for newbies that you always end up on websites that only describe the basics. But i certainly did not search well enough.

So maybe, i'll ask one of my teachers... that'd be a good test!
Old 11-16-2005, 02:43 AM   #8
LQ Newbie
Registered: Sep 2005
Posts: 4

Rep: Reputation: 0
Well, I found that:

I guess it resolves the topic. Moderators ?
Old 11-17-2005, 05:25 AM   #9
LQ Newbie
Registered: Sep 2005
Posts: 4

Rep: Reputation: 0
* -> User cannot login by password (may login by other means like
! -> User cannot login at all.

See man-page of adduser. "--disabled-password" creates '*', "--disabled-login" creates '!'.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
what does password field mean? hongxing Linux - Software 5 11-28-2005 06:33 PM
useradd without shadow password twallstr Linux - Software 1 09-08-2005 02:14 PM
/etc/shadow password field amfoster Linux - Security 2 08-24-2004 11:39 AM
Shadow password encryption mnisski Linux - General 3 05-28-2004 06:24 PM
shadow password wincrk Linux - Security 3 03-16-2003 09:07 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:20 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration