[ale] how to create user with no password

James P. Kinney III jkinney at localnetsolutions.com
Thu Feb 26 11:28:30 EST 2004

On Thu, 2004-02-26 at 10:52, Geoffrey wrote:
> Armsby John-G16665 wrote:
> > All,
> > 
> > I am running an out of the box redhat 9.  I am required to set up an
> > account for corporate "bdnaadmin' with NO PASSWORD.  It seems that
> > the GUI (how embarassing for me) requires a password.  I have tried
> > deleting the account, then using "adduser bdnaadmin".  RedHat put one
> > in for me...
> Actually you have two options.  Editing the /etc/passwd or /etc/shadow 
> and removing the password, the id will not be prompted for a password. 
> If you change the password as root, just hit return, it might complain 
> about the password, but hit return again anyway and then the user will 
> be prompted for a password and be required to simply hit return.

And while your editing the /etc/passwd file, change the line that reads:

This will prevent shell access. Since this account is for some process
too stupid to use a password, that process is WAY too stupid to access
to shell commands. Better yet, make the only character between the first
and second ":" a "!". This will prevent logins.

For remote access security, setup this account to use ssh access with
RSA keys only. 

As an admin who has been faced with brain-damaged decisions that just
beg for unauthorized system access, I have used the line "I can't do
that. The system REQUIRES a password on EVERY account."

If the brain-damage continues, be sure to document the entire process
(who said what and when) so when it comes back to bite you in the butt,
you will have some recourse.
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part

More information about the Ale mailing list