bugzilla-daemon at mindrot.org
2004-Mar-08 12:31 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 Summary: locked /etc/shadow password prefix on linux Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: openssh at roumenpetrov.info Current prefix for locked password is set to '!!' This might is RedHat specific. Slakware and SuSE use: '!' - account(password) can be unlocked '*' - account(password) always remain locked ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-08 12:48 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From dtucker at zip.com.au 2004-03-08 23:48 ------- What does the "lock account" command (ie passwd -l or equivalent) do? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-09 06:23 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 ------- Additional Comments From openssh at roumenpetrov.info 2004-03-09 17:23 ------- passwd -l/-u : add/remove symbol '!' before password string passwd -S : report locked password when first symbol is '!' or '*' tested on some slackware and suse versions about '*' prefix. let account password contain '*' - passwd -S report locked after passwd -l : password is '!*' - passwd -S report locked after passwd -u : password is '*' - passwd -S report locked again after passwd -u : no changes in account state I dont have information for other distro. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 03:28 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |821 nThis| | ------- Additional Comments From dtucker at zip.com.au 2004-03-30 13:28 ------- I think we should just change LOCKED_PASSWD_PREFIX to "!" for all Linuxes, which will also work for Redhat. Debian, Slackware and SuSE all use the upstream "shadow" package (ftp://ftp.pld.org.pl/software/shadow) which does this to lock accounts: strcpy (newpw, "!"); strcat (newpw, cp); ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 03:30 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 ------- Additional Comments From dtucker at zip.com.au 2004-03-30 13:30 ------- Created an attachment (id=577) --> (http://bugzilla.mindrot.org/attachment.cgi?id=577&action=view) Use single "!" for LOCKED_PASSWD_PREFIX on Linuxes OK for 3.8.1p1? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 03:44 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #577| |ok Status| | ------- Additional Comments From djm at mindrot.org 2004-03-30 13:44 ------- (From update of attachment 577) Fine by me ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 04:04 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Additional Comments From dtucker at zip.com.au 2004-03-30 14:04 ------- Patch applied, thanks for the report. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 07:49 UTC
[Bug 811] locked /etc/shadow password prefix on linux
http://bugzilla.mindrot.org/show_bug.cgi?id=811 openssh at roumenpetrov.info changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED ------- Additional Comments From openssh at roumenpetrov.info 2004-03-30 17:49 ------- I agree with single '!' in prefix. Prefix '*' is only for always locked (usualy "system") accounts and might we can skip that case. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Apparently Analagous Threads
- Announce: X.509 certificates support version 5.5.1 in OpenSSH 4.4p1
- [Bug 606] sshd [-t] should warn when cannot create pid file
- [Bug 605] make install don't create piddir
- OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
- Announce: X.509 certificates support v7.0 for OpenSSH version 5.9p1