(Illustration by Gaich Muramatsu)
On Thu, Oct 18, 2001 at 02:47:50PM -0400, Michael J. Lanham wrote: > I am in the midst of following the add users' section of the manual > and cannot seem to set passwds... > > [root_at_server db]# au -h scm nu > Your Vice name: coda > Your password: > RPC2_Bind() --> RPC2_NOBINDING (F) > [root_at_server db]# > > coda is the userid (uid = 503) that I created on my local machine and > in /etc/passwd who is the administrator of coda. pdbtool shows coda > as a user. but when I type the passwd that exists in /etc/passwd, I We don't use the passwords from /etc/passwd for two reasons. First of all, Coda uses a shared secret based authentication scheme, so the auth2 daemon likes to know your plaintext password. We could let the 'shared' secret be the crypted & salted version of the password, but you would then need to use shadow passwords as everyone can read this secret then from /etc/password. The second reason is that Coda doesn't employ strong encryption as is, but merely obfusticates things using a simple XOR encoding. By grabbing a couple of clog-auth2 authentications, it really isn't that hard to find the password. > get no joy from auth2...so how do I set the passwd for the coda admin > since I never have set it in the first place? cpasswd doesn't help > since I do not know what password set for user coda in the first > place.... Right after giving the name of the Coda administrator a message was displayed that the admin password was set to "changeme". JanReceived on 2001-10-18 15:22:39