How do you manage multiple /etc/passwd files?

shz at desoto.UUCP shz at desoto.UUCP
Wed Feb 18 00:06:35 AEST 1987


> Please expound on these "obvious" reasons.  If I found a way to force
> users to use a different password on every machine, and used it, my days
> would become (more) filled with requests from users about their forgotten
> passwords.

It SHOULD be obvious that if user X has logins on the set of machines 
(a,b,c, .... z) and the passwords are all the same, then if the password for 
machine 'a' is compromised, the passwords for machines (b,c,d .... z) are 
also compromised.  

In addition, suppose machine 'a' is a general purpose machine and machine 'z'
contains sensitive or secret information.  By using the same password on
both machines, the password for machine 'z' is more easily open to attack 
by users of machine 'a' (not to mention machines [b-y]).

Finally, I said passwords on different machines SHOULD be different, but
I did *NOT* say administrators should FORCE this requirement.  Reading
the literature before flaming would save energy (and you might also
learn something :-) ).

Seth

ihnp4!desoto!shz



More information about the Comp.unix.wizards mailing list