19

What are the default passwords of these users?

  • root
  • daemon
  • bin
  • sys
  • sync
  • games
  • man
  • lp
  • mail
  • news
  • uucp
  • nobody

Can anyone log in through ssh or ftp as these users?

Braiam
  • 67,791
  • 32
  • 179
  • 269
dr.praveenss
  • 193
  • 1
  • 1
  • 6

4 Answers4

25

what are default password of these users : root, daemon, bin, sys, sync, games, man, lp, mail, news, uucp, nobody.

You can check the status by looking in the shadow password file (/etc/shadow) at the second field. By default these accounts are locked (the password is set to *), which disables logins.

Can anyone login through ssh or ftp by these users ??

Not unless you have set a password for them.

Cry Havok
  • 1,322
  • You mean the hashed password is "*" right? – Ramchandra Apte Feb 28 '14 at 07:50
  • No, the value of the hashed password field is the character "*", which no password hashing algorithm will produce. Additional ways to prevent logins is by having invalid home directories and special shells in /etc/passwd (see man 5 passwd;man login;man 3 crypt` ) – waltinator Mar 11 '14 at 17:05
12

If you would look at the password file you would see that these have a specific setting (games used as an example):

$ more /etc/passwd|grep games
games:x:5:60:games:/usr/games:/bin/sh

The 1st three (: is the separator):

  • name
  • password. An x character indicates that encrypted password is stored in /etc/shadow file.
  • user ID (UID): 1-99 are reserved for other predefined accounts.

The password is hashed (if it starts with a $ it is encrypted).

Regarding /etc/shadow

If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means).

Can anyone login through ssh or ftp by these users ??

Not by default. In theory you can create a user named games as an actual user or change the pwd of the user games.

Rinzwind
  • 299,756
  • How does the user ID lock it out of the system? If I set a password for the games account I have no problem logging in as games. – Cry Havok Feb 27 '14 at 11:50
  • 3
    This answer implies that these accounts have an "encrypted and unknown" password. But if you look in /etc/shadow, you'll see that these accounts do not have a password assigned at all, and are marked as locked from login. I think the wording of this answer could be improved. – indiv Feb 27 '14 at 17:18
  • yes I should have said hashed :P – Rinzwind Feb 27 '14 at 18:16
3

Most of this users are reserved for some service , you cannot log in with , the aim of this users is when its hacked it has minimal affect on your system like nobody user which has no password making it possible for attacker to know.

Ubuntu by default root account is locked for security issues , you can use sudo to have admin privileges and the password is unknown and encrypted .

In Addition ,

Some of these users are users having a valid shell with no password ( like bin )

It cannot connect by ssh because it needs /bin/.ssh/authorized_keys to connect .

By other words these users are security users other than login based users .

Note its not recommended to change the state of these users ( change passwords or lock or unlock)

nux
  • 38,017
  • 35
  • 118
  • 131
3

Logins like nobody will typically be "locked", so it is not possible to log in as them using a password (in any way, not SSH, not FTP, not the su command etc)

http://manpages.ubuntu.com/manpages/hardy/man1/passwd.1.html

-l, --lock
    Lock the named account. This option disables an account by changing
    the password to a value which matches no possible encrypted value,
    and by setting the account expiry field to 1.

However, if you have sudo access you can switch to these accounts with a command like this:

$ sudo su nobody

This is because the super-user can change to any account without entering a password

dbr
  • 141
  • 3