You are not logged in.
Okay... I noticed a few weeks ago I could not upgrade my server's passwords. I manage the box over SSH, so i changed my password as a regular user, logged out, and found myself 'locked out' over SSH, until I tried my old password - which logged me in promptly.
So i tried to change it as root, same result!
My file permissions look like this:
[stijn@amalthea ~]$ ls -l /etc/shadow*
-rw------- 1 root root 293 dec 14 00:32 /etc/shadow
-rw------- 1 root root 268 nov 10 18:57 /etc/shadow-
[stijn@amalthea ~]$ ls -l /etc/group
-rw-r--r-- 1 root root 407 dec 14 00:31 /etc/group
[stijn@amalthea ~]$ ls -l /etc/passwd
-rw-r--r-- 1 root root 384 nov 10 19:04 /etc/passwd
I wonder what could be wrong? All works fine now, but I'd like to change (strengthen) my user account's password... Htop shows no suspicious processes, and the box is only accessible via SSH, only my user is allowed (root login disabled), SSH is on a non-standard port and you need keys to get in - so I don't think it got cracked (other than SSH there is no way you can reach it from the web).
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
since you are using ssh (with keys) isn't the password you use to login to the comp your ssh key password rather than your user password?
Last edited by abhidg (2007-12-14 08:15:53)
Offline
No, SSH has no accounts, it uses the credentials of your user account.
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
and what about charmap or encoding problem ? did you include é or other key like that in your passwd ?
Offline
It's common ASCII stuff, but no accented letters. For comparison, changing the passwords on my laptop worked fine, and I am using the passwords there I'd like to put on my server too . On my server it refuses to change them though, and I remember trying to change root's password too, no luck there either.
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
does the password hash in /etc/shadow change when you try to change passwords?
Offline
I will check on that tonight . I have tried to reinstall shadow and stuff, but that didn't help.
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
Okay i did a check... And the hash in /etc/shadow does change.
And then it hit me... As I said i'm using SSH keys to log in to my server, so whether I change my account's password or not, it does not matter for those keys. They're protected by a passphrase anyway, and that passphrase is in no way whatsoever affected when I change my account.
* B slaps himself on the head
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline