Download What Is Linux?

Transcript
developer.com - Reference
Passwords
The system stores the user's encrypted password in the password field. This field is very sensitive
to changes, and any modification to it can render the login useless until the system administrator
performs a password change. Only the system administrator or the user can change the password by
using the passwd command.
Some versions of UNIX do not keep the passwords in the /etc/passwd file
because of potential security problems. If the password fields on your
system are all set to x, then another file (called a shadow password file) is
in use. However, all versions of Linux currently available do use this field
by default.
Systems running either Yellow Pages or NIS (Network Information
Service), both of which rely on a central file of user names and
passwords, do not use the password field. Few Linux systems use either
YP or NIS, however, so you can ignore this distinction for the moment.
When a user logs in, the login program logically compares the password the user typed to a block
of zeros, and then compares that result to the entry in the password field. If they match, the user is
granted access. Any deviation causes login to refuse access.
You can use this field to restrict access to the system. If you want to prevent a login from ever
being used for access, such as a system login like lp or sync, place an asterisk between the two
colons for the password field. This asterisk restricts all access. In the sample /etc/passwd file shown
previously, many system logins have an asterisk as their password, effectively blocking access.
You can also use this field to allow unrestricted access by leaving it blank. If no password entry
exists (the field has nothing in it), anyone using the user name is granted access immediately, with
no password requested. Do not leave passwords open unless you are using your Linux system for
your own pleasure and have nothing of value on the filesystem.
Don't attempt to put a password directly in the password field using an editor. You cannot recreate
the encryption method, and you'll end up locking the user account out. Then only the system
administrator will be able to change the password and allow access.
User ID
Every user name has an associated, unique user ID. Linux uses the user ID, also called the UID, to
identify everything associated with the user. The user ID is preferable to the user name because
numbers are easier to work with than the characters in a name and take up less space. Linux tracks
all processes started by a user, for example, by the user ID and not the user name. Some utilities
translate the user ID to display the user name, but utilities generally examine the /etc/passwd file to
match the UID to the name.
The user ID numbers are usually assigned in specific ranges. Most UNIX systems, for example,
http://24.19.55.56:8080/temp/lsg16.htm (6 of 18) [3/17/2001 7:47:00 PM]