Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: Hide all low UID users from the login window' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Hide all low UID users from the login window
Authored by: rohanl on May 22, '06 09:58:25PM

The convention of having a '*' in the password entry to block logins, started back in the days when the actual encrypted passwd was stored in /etc/passwd.

The encrypted passwd was a string like "hvlAlAxmCi1vc" obtained by using the DES crypt function. An encrypted passwd of "*" was invalid, as no matter what you entered as a passwd it wouldn't encrypt to that.

Nowadays the encrypted passwd is not stored in /etc/passwd to prevent someone from taking the file and working on cracking the passwords in bulk. It's stored elsewhere in a "shadow" file or some other place that is not publicly readable.

But the practice of "*" meaning login disallowed has lived on.



[ Reply to This | # ]