LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-27-2004, 04:57 AM   #1
mufy
Member
 
Registered: Oct 2004
Location: Kuwait
Distribution: Currently - AIX | Previously - RHEL 4 ES, FC 10
Posts: 206
Blog Entries: 4

Rep: Reputation: 30
Exclamation two root passwords!!!!


Folks,

After having successfully changed my root password, I find that I am able to login as root using either of the passwords. Everytime I try to change it, only the second instance gets altered, without anything happening to the first one.

Is there a way out for me?

Regards,
Mufy
 
Old 12-27-2004, 07:58 AM   #2
amfoster
Member
 
Registered: Aug 2004
Distribution: debian, SuSE
Posts: 365

Rep: Reputation: 36
2 root passwords? Do you happen to be using NIS? Whereas the original root password was set, but a NIS password is different?

Did you happen to set the password using the password command or yppasswd?
 
Old 12-27-2004, 03:10 PM   #3
int0x80
Member
 
Registered: Sep 2002
Location: Cincinnati
Distribution: Debian GNU/Linux
Posts: 310

Rep: Reputation: 31
Do you have multiple entries for root in your /etc/passwd file? Like amfoster, I'm also interested to know what command you used to changed the root password.
 
Old 12-27-2004, 10:54 PM   #4
mufy
Member
 
Registered: Oct 2004
Location: Kuwait
Distribution: Currently - AIX | Previously - RHEL 4 ES, FC 10
Posts: 206

Original Poster
Blog Entries: 4

Rep: Reputation: 30
I used the normal command which is 'passwd'.

Regards,
Mufy
 
Old 12-28-2004, 05:22 AM   #5
int0x80
Member
 
Registered: Sep 2002
Location: Cincinnati
Distribution: Debian GNU/Linux
Posts: 310

Rep: Reputation: 31
And can you post the contents of your /etc/passwd file?
 
Old 12-28-2004, 05:35 AM   #6
mufy
Member
 
Registered: Oct 2004
Location: Kuwait
Distribution: Currently - AIX | Previously - RHEL 4 ES, FC 10
Posts: 206

Original Poster
Blog Entries: 4

Rep: Reputation: 30
This is how my /etc/passwd looks,

/etc/passwd
----------------
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0perator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
radvd:x:75:75:radvd user:/:/sbin/nologin
radiusd:x:95:95:radiusd user:/:/bin/false
ldap:x:55:55:LDAP User:/var/lib/ldap:/bin/false
postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
squid:x:23:23::/var/spool/squid:/sbin/nologin
fax:x:10:14:mgetty fax spool user:/var/spool/hylafax:/sbin/nologin
dialup:x:501:505::/home/dialup:/bin/bash
mysql:x:100:101:MySQL server:/var/lib/mysql:/bin/bash
alias:x:502:506::/var/qmail/alias:/sbin/nologin
qmaild:x:503:506::/var/qmail:/sbin/nologin
qmaill:x:504:506::/var/qmail:/sbin/nologin
qmailp:x:505:506::/var/qmail:/sbin/nologin
qmailq:x:506:507::/var/qmail:/sbin/nologin
qmailr:x:507:507::/var/qmail:/sbin/nologin
qmails:x:508:507::/var/qmail:/sbin/nologin
vpopmail:x:509:508::/home/vpopmail:/sbin/nologin
clamav:x:46:46:Clam AntiVirus:/tmp:/sbin/nologin
spamd:x:510:509::/home/spamd:/bin/false
fetchmail:x:511:511::/home/fetchmail:/bin/bash
ldapuser:x:512:100::/home/ldapuser:/bin/bash
mufeed:x:513:502:Mufeed:/home/mufeed:/bin/bash
oracle:x:1005:1008:Oracle Software Owner:/opt/oracle:/bin/bash

Regards,
Mufy
 
Old 12-28-2004, 05:41 AM   #7
amfoster
Member
 
Registered: Aug 2004
Distribution: debian, SuSE
Posts: 365

Rep: Reputation: 36
You might try deleting the 2nd field from the /etc/shadow file on root's account. ( so that it reads
root:: and then the numbers)

After that, login as root (there will be no password) and then use the passwd command to set a new password.

Then I would look at the /etc/shadow file again to make sure there is an entry in the 2nd field.

I see an entry for ldap. Are you authenticating using ldap? rather than the standard UNIX type authentication?
 
Old 12-28-2004, 05:44 AM   #8
mufy
Member
 
Registered: Oct 2004
Location: Kuwait
Distribution: Currently - AIX | Previously - RHEL 4 ES, FC 10
Posts: 206

Original Poster
Blog Entries: 4

Rep: Reputation: 30
Frankly speaking I have no clue what ldap is for? What's it for anyway?

Regards,
Mufy
 
Old 12-28-2004, 05:56 AM   #9
amfoster
Member
 
Registered: Aug 2004
Distribution: debian, SuSE
Posts: 365

Rep: Reputation: 36
ldap is used as a system for authentication. It works with UNIX and Windoze. It is a server and the users on remote machines when authenticating, reach across the network and use the ldap settings.

You can authenticate using the traditional passwd file, NIS's yppasswd, lvia an ldap server, or a kerberos server.
 
Old 01-06-2005, 05:10 AM   #10
mufy
Member
 
Registered: Oct 2004
Location: Kuwait
Distribution: Currently - AIX | Previously - RHEL 4 ES, FC 10
Posts: 206

Original Poster
Blog Entries: 4

Rep: Reputation: 30
Quote:
Originally posted by amfoster
You might try deleting the 2nd field from the /etc/shadow file on root's account. ( so that it reads
root:: and then the numbers)

After that, login as root (there will be no password) and then use the passwd command to set a new password.

Then I would look at the /etc/shadow file again to make sure there is an entry in the 2nd field.

I tried that dude, but no difference. I still am unable to change my first password.

Regards,
Mufy
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
two root passwords openbysource Red Hat 4 12-02-2005 07:19 AM
Default Root Passwords? Pauli Linux - General 7 09-01-2005 11:35 AM
Multiple root passwords xp1o1d5 Linux - Security 2 07-06-2005 10:00 PM
Help! root has two passwords! jev-bird Linux - Security 13 11-25-2004 06:23 PM
MySQL root passwords ridertech Linux - Software 4 05-11-2004 10:24 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration