Login with every password.

fakiradam · August 15, 2011, 5:05pm

hi, everyone
I am new on linux. I am learning linux.
I created a new user from YaST2 User and Group Administration. Then later I keep going to learn chown command and open a terminal.
I can login with every password. also I can be super user. I specified a password for new account. I have a password for super user.

What is the problem ?

nrickert · August 15, 2011, 6:17pm

It’s not clear what you mean here, particularly with “I can login with every password.” What exactly are you doing? And do you mean that entering garbage for the password will get you logged in?

fakiradam · August 15, 2011, 6:26pm

When I try to login KDE or terminal, every password is accepted and I login. But I set a password. Last thing I did , I added a new user. Authentication mechanism doesn’t work. I try passwd command to change new password also. But When I try login again ( KDE or terminal ), It accepts every password.

I am new on linux and this thing is not come to me normal.

hcvv · August 15, 2011, 8:26pm

I am not sure this is it, but YaST > Security and users > Users and group management has at the Tab Users a button lower right Expert options. There you find Login Settings. In that window there is an item Passwordless logins. Check that one.

knurpht · August 15, 2011, 10:49pm

Houston, we have a problem :). I understood this completely the other way around, i.e. that the OP doesn’t have to use passwords for any user…Better wait for some explanation.

hcvv · August 15, 2011, 10:54pm

Sorry, my English is bad here.

I want the OP to check if this is not on by accident.

I do not want the user to check the box to switch it on.

I am not sure if I am clear now., but look and when it is on, switch it off.

nrickert · August 15, 2011, 11:20pm

Yes, that was how I understood your post, though I admit that might not have been obvious.

The OP should also check that the encrypted password field in “/etc/shadow” is not empty for the newly created users. An empty password would show as a line “user:: other-stuff” That is, two consecutive “:” immediately after the user name.

fakiradam · August 16, 2011, 1:53am

I looked it, Passwordless Login is not checked. I created a new user and I looked “/etc/shadow/” , It set “linuxkurdu:6kKCt.V17NV7U:15201:0:99999:7:::”. This Problem is not related only new user. All of the users can login with every password. But problem started with adding a new user. I am completely confused.

DenverD · August 16, 2011, 9:25am

On 08/16/2011 01:56 AM, fakiradam wrote:
>
> I looked it, Passwordless Login is not checked. I created a new user and
> I looked “/etc/shadow/” , It set
> “linuxkurdu:6kKCt.V17NV7U:15201:0:99999:7:::”. This Problem is not
> related only new user. All of the users can login with every password.

> But problem started with adding a new user. I am completely confused.

did you add a new user using YaST or from the command line? (if the
latter i can just about guarantee you made a typing or procedural error!

i conclude that your install is bad wrong! it may be fixable from the
command line but i do not know how…i think maybe you need to make
sure your install media is absolutely correct by doing this
http://tinyurl.com/3qde66h first and then do a format and install…do
not keep your /home, instead first save off data…

but, read my caveat and wait for others to either support my plan or
expand on it or tell you to ignore it!

one of the more geeky may guide you to a repair short of reinstall…so
hang around!!

–
DD Caveat
openSUSE®, the “German Engineered Automobile” of operating systems!

hcvv · August 16, 2011, 11:00am

I also am curious on how you added that user. You did not say so as if tthere is only one well know, done by everybody, way to do it. This is seldom the case in Unix/Linux. Thus please , allways explain what you did.

fakiradam · August 16, 2011, 1:28pm

Okey. I am explaining details.
First, I had only one account. I was learning Linux. To learn “chown” command, I have to add a new account. I opened “YaST2 , User and Group Administration” and clicked “Add” button. I entered “full name, name, password” and I didn’t check anything. It warned me a dictionary base password but I accepted it. And I opened the terminal to log out current user and login as a new user. I logged in but I realized that I used first user password. I logged out and tried log in with a wrong password, It accepted. Then I logged out KDE, and I tried to log in from first account with wrong password and I logged in. I tried blank password, I logged in the KDE. I tried to su command with blank password, It works.
I checked my installion media there is no problem.

I removed the new user later, but it didn’t solve the problem. I tried “passwd” command to change my first account password, but it didn’t solve. I controlled “passwordless login”, there is unchecked.

I suspected something. I maked a hard installation for nvidia Geforce 6600 Display Card so I compiled the kernel with gcc for every kernel update to use nvidia drivers. May be, My problem is on my kernel. I installed many programs , (Eclipse, Virtualbox, Qt Studio, Wine) and I don’t want go back and install system again. Is there a solution that is not necessary to remove my programs?

hcvv · August 16, 2011, 1:40pm

Well, your explanation made it quite clear to me what you did. But it is still not clear why this systemwide passwordless login is happening. Never heard such a thing.

And I do understand that you do not want to install everything anew. But it is allways good to have some notes somwhere of what you installed beside the standard install. Just for a case like this and for future reinstalls. It is allways more handy to take a piece of paper after the install and search/install for those packages from the list then finding out by missing things for monthes after that new install.

In any case, let us wait and see if more suggestion are offered by other forum members.

phanisvara · August 16, 2011, 2:24pm

On Tue, 16 Aug 2011 17:16:03 +0530, hcvv <hcvv@no-mx.forums.opensuse.org>
wrote:

>
> Well, your explanation made it quite clear to me what you did. But it is
> still not clear why this systemwide passwordless login is happening.
> Never heard such a thing.
>
> And I do understand that you do not want to install everything anew.
> But it is allways good to have some notes somwhere of what you installed
> beside the standard install. Just for a case like this and for future
> reinstalls. It is allways more handy to take a piece of paper after the
> install and search/install for those packages from the list then finding
> out by missing things for monthes after that new install.
>
> In any case, let us wait and see if more suggestion are offered by
> other forum members.
>

that one user you created & used in the beginning, was that the “root”
user perhaps? that would explain why your permissions got all messed up –
even though somewhere in the process you must have assigned a blank
password to that root user it seems.

–
phani.

hendersj · August 16, 2011, 9:35pm

On Tue, 16 Aug 2011 11:46:03 +0000, hcvv wrote:

> Well, your explanation made it quite clear to me what you did. But it is
> still not clear why this systemwide passwordless login is happening.
> Never heard such a thing.
>
> And I do understand that you do not want to install everything anew. But
> it is allways good to have some notes somwhere of what you installed
> beside the standard install. Just for a case like this and for future
> reinstalls. It is allways more handy to take a piece of paper after the
> install and search/install for those packages from the list then finding
> out by missing things for monthes after that new install.
>
> In any case, let us wait and see if more suggestion are offered by other
> forum members.

It sounds to me like the PAM configuration is messed up.

@fakiradam - what is the output of:

ls /etc/pam.d
cat /etc/pam.d/gdm
cat /etc/pam.d/login

?

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

hendersj · August 16, 2011, 9:36pm

On Tue, 16 Aug 2011 12:24:24 +0000, phanisvara wrote:

> On Tue, 16 Aug 2011 17:16:03 +0530, hcvv
> <hcvv@no-mx.forums.opensuse.org> wrote:
>
>
>> Well, your explanation made it quite clear to me what you did. But it
>> is still not clear why this systemwide passwordless login is happening.
>> Never heard such a thing.
>>
>> And I do understand that you do not want to install everything anew.
>> But it is allways good to have some notes somwhere of what you
>> installed beside the standard install. Just for a case like this and
>> for future reinstalls. It is allways more handy to take a piece of
>> paper after the install and search/install for those packages from the
>> list then finding out by missing things for monthes after that new
>> install.
>>
>> In any case, let us wait and see if more suggestion are offered by
>> other forum members.
>>
>>
> that one user you created & used in the beginning, was that the “root”
> user perhaps? that would explain why your permissions got all messed up
> – even though somewhere in the process you must have assigned a blank
> password to that root user it seems.

I don’t think a blank password would let him login with any password,
though - if you boot the liveCD (any of them), there isn’t a password
assigned, and if you login as ‘linux’ or ‘root’, you aren’t prompted for
the password at all.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

DenverD · August 16, 2011, 10:03pm

On 08/16/2011 09:36 PM, Jim Henderson wrote:
> if you boot the liveCD (any of them), there isn’t a password
> assigned, and if you login as ‘linux’ or ‘root’, you aren’t prompted for
> the password at all.

OH! (slapping forehead)

tell us @fakiradam how you are learning linux…i mean did you start
by installing to your hard disk? (using a DVD, or a CD? which)

or are learning while booted from a live CD…or a saved and updated
image of a live CD in a VM??

but, don’t miss answering Jim’s pam questions.

–
DD
openSUSE®, the “German Engineered Automobile” of operating systems!

nrickert · August 16, 2011, 10:58pm

One possibility is a syntax error in “/etc/shadow” or in “/etc/passwd”.

Every line in “/etc/shadow” should have exactly “:” characters. Every line in “/etc/passwd” should have exactly 6 “:” chars.

MatthewEhle · August 17, 2011, 3:32am

Just a shot in the dark…

You aren’t using the ‘sudo’ command when switching users, are you? If you were logged in as your original user, and you were to try the command ‘sudo su <newuser>’ instead of simply ‘su <newuser>’, then typing in your user’s password would make that happen.

I would double check to make sure you are out of root before switching users. Root has the ability to becoming any other user, regardless of password.

Sorry if that sounds kind of basic, but you mentioned that you were new to Linux, and I’m not entirely sure how much of a grasp you have on the root user and using sudo.

fakiradam · August 17, 2011, 4:27am

I am using opensuse 11.4 from hard disk installation not live cd or virtulization.

hendersj, I found these things.

Output from terminal

linux:~ # cat /etc/pam.d/gdm
cat: /etc/pam.d/gdm: No such file or directory
linux:~ # cat /etc/pam.d/login
#%PAM-1.0
auth requisite pam_nologin.so
auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad]pam_securetty.so
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
session required pam_lastlog.so nowtmp showfailed
session optional pam_mail.so standard
session optional pam_ck_connector.so
linux:~ #

There is no gdm file but xdm file

#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session

I tried to add a second root user from adduser command, but it didn’t solve problem.
I am giving ‘/etc/passwd’ file.** I added ‘newuser and root_user’ after the problem to try solve the problem.**
at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash
avahi:x:103:106:User for Avahi:/var/run/avahi-daemon:/bin/false
bin:x:1:1:bin:/bin:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
dnsmasq:x:102:65534:dnsmasq:/var/lib/empty:/bin/false
ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
games:x:12:100:Games account:/var/games:/bin/bash
icecream:x:104:107:Icecream Daemon:/var/cache/icecream:/bin/false
lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
messagebus:x:100:101:User for D-Bus:/var/run/dbus:/bin/false
mysql:x:60:105:MySQL database admin:/var/lib/mysql:/bin/false
news:x:9:13:News system:/etc/news:/bin/bash
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
ntp:x:74:104:NTP daemon:/var/lib/ntp:/bin/false
polkituser:x:105:108:PolicyKit:/var/run/PolicyKit:/bin/false
postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
pulse:x:108:110:PulseAudio daemon:/var/lib/pulseaudio:/sbin/nologin
root:x:0:0:root:/root:/bin/bash
root_user:x:0:0::/home/root_user:/bin/bash
rtkit:x:106:109:RealtimeKit:/proc:/bin/false
sshd:x:101:102:SSH daemon:/var/lib/sshd:/bin/false
statd:x:107:65534:NFS statd daemon:/var/lib/nfs:/sbin/nologin
usbmux:x:109:65534:usbmuxd daemon:/var/lib/usbmuxd:/sbin/nologin
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
hardworker:x:1000:100:Hardworker:/home/hardworker:/bin/bash
newuser:x:1001:0::/home/newuser:/bin/bash

I figured out something. I can’t change password with ‘passwd’ command. My shadow file can’t changed.

this is my “/etc/shadow” file
at::15160:0:99999:7:::
avahi::15160:0:99999:7:::
bin::15032::::::
daemon::15032::::::
dnsmasq::15160:0:99999:7:::
ftp::15032::::::
games::15032::::::
icecream::15160:0:99999:7:::
lp::15032::::::
mail::15032::::::
man::15032::::::
messagebus::15032:0::7:::
mysql::15160:0:99999:7:::
news::15032::::::
nobody::15032::::::
ntp::15160:0:99999:7:::
polkituser::15160:0:99999:7:::
postfix::15160:0:99999:7:::
pulse::15160:0:99999:7:::
root:$2a$05$.8IA9n1AkL2M.5.H33u3TOhhV9IV9yTcZwkh62v0XsHw0e3YWcTcq:15160::::::
root_user:U.7V8LRkXJo/s:15202:0:99999:7:4::
rtkit::15160:0:99999:7:::
sshd::15032:0::7:::
statd::15160:0:99999:7:::
usbmux::15160:0:99999:7:::
uucp::15032::::::
wwwrun:*:15032::::::
hardworker:$1$1kSDGmc2$juiQJ4g.mADrRWmQ.sr0o/:15202:0:99999:7:::
newuser:iKHR6qcwPSj5c:15202:0:99999:7:4::

this is my “etc/group” file

at:!:25:
audio:x:17:pulse
avahi:!:106:
bin:x:1:daemon,root_user
cdrom:x:20:
console:x:21:
daemon:x:2:root_user
dialout:x:16:
disk:x:6:
floppy:x:19:
ftp:x:49:
games:x:40:
icecream:!:107:
kmem:x:9:
lock:x:54:
lp:x:7:
mail:x:12:
maildrop:!:59:
man:x:62:
messagebus:!:101:
modem:x:43:
mysql:!:105:
news:x:13:
nobody:x:65533:
nogroup:x:65534:nobody
ntadmin:!:71:
ntp:!:104:
polkituser:!:108:
postfix:!:51:
public:x:32:
pulse:!:110:
pulse-access:!:111:
root:x:0:newuser,root_user
rtkit:!:109:newuser
shadow:x:15:
sshd:!:102:newuser
sys:x:3:newuser,root_user
tape:!:103:
trusted:x:42:
tty:x:5:newuser
utmp:x:22:
uucp:x:14:newuser
video:x:33:hardworker,newuser,root_user
wheel:x:10:newuser,root_user
www:x:8:newuser
xok:x:41:newuser
users:$1$bRlDpu9N$E2sHmRFEkLAAufYXCtVqT0:100:newuser,root_user
vboxusers:!:1000:newuser

thanks for your help

fakiradam · August 17, 2011, 4:32am

I counted 8 for every line.