Red Hat Linux 7 Unleashed

By William Ball

• Table of Contents
  • Copyright
  • About the Lead Authors
  • About the Contributing Authors
  • Acknowledgments
  • Tell Us What You Think!
  • Introduction
  • I. Red Hat Linux Installation and User Services
  • Chapter 1. Introduction to Red Hat Linux
  • Chapter 2. Installation of Your Red Hat System
  • Chapter 3. LILO and Other Boot Managers
  • Chapter 4. Configuring the X Window System, Version 11
  • Chapter 5. Window Managers
  • Chapter 6. Connecting to the Internet
  • Chapter 7. IRC, ICQ, and Chat Clients
  • Chapter 8. Using Multimedia and Graphics Clients
  • II. Configuring Services
  • Chapter 9. System Startup and Shutdown
  • Chapter 10. SMTP and Protocols
  • Chapter 11. FTP
  • Chapter 12. Apache Server
  • Chapter 13. Internet News
  • Chapter 14. Domain Name Service and Dynamic Host Configuration Protocol
  • Chapter 15. NIS: Network Information Service
  • Chapter 16. NFS: Network Filesystem
  • Chapter 17. Samba
  • III. System Administration and Management
  • Chapter 18. Linux Filesystems, Disks, and Other Devices
  • Chapter 19. Printing with Linux
  • Chapter 20. TCP/IP Network Management
  • Chapter 21. Linux System Administration
  • Chapter 22. Backup and Restore
  • Chapter 23. System Security
    • Thinking About Security An Audit
    • Danger, Will Robinson, Danger!
    • File and Directory Permissions
    • Passwords A Second Look
    • Related WWW Sites
    • Summary
  • IV. Red Hat Development and Productivity
  • Chapter 24. Linux C/C++ Programming Tools
  • Chapter 25. Shell Scripting
  • Chapter 26. Automating Tasks
  • Chapter 27. Configuring and Building Kernels
  • Chapter 28. Emulators, Tools, and Window Clients
  • V. Appendixes
  • A. The Linux Documentation Project
  • B. Top Linux Commands and Utilities
  • C. The GNU General Public License
  • D. Red Hat Linux RPM Package Listings

Passwords—A Second Look

The system stores the user's encrypted password in the /etc/passwd file. If the system is using a shadow password system, the value placed in this field is x. A value of * blocks login access to the account, as * is not a valid character for an encrypted field. This field should never be edited by hand (after it is set up). Instead, a program such as passwd should be used so that proper encryption takes place. If this field is changed, the old password is no longer valid and more than likely will have to be changed by root.

A password should be set up by the user and known only by the user. The system asks for the password, compares the input to the known password, and, if there is a match, confirms the user's identity and lets the user access the system. It cannot be said enough: Do not write down your password. A person who has a user's name and password is, from the system's perspective, that user—and has all of that user's rights and privileges.

Share This