Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!eniac.seas.upenn.edu!jeffe
From: jeffe@eniac.seas.upenn.edu (george)
Newsgroups: comp.unix.questions
Subject: Re: What does '*' symbol in /etc/passwd means?
Message-ID: <44240@netnews.upenn.edu>
Date: 6 Jun 91 05:11:22 GMT
References: <27106@adm.brl.mil> <zfgo01.676167818@hgo7>
Sender: news@netnews.upenn.edu
Reply-To: george@mech.seas.upenn.edu
Organization: University of Pennsylvania, Mechanical Engineering
Lines: 15
Nntp-Posting-Host: eniac.seas.upenn.edu

:I've heard the practice of replacing this field with an '*' as 'starring-out'
:the password, making it impossible for someone to login to that ID since the
:password encryption mechanism is guaranteed to fail.  I've routinely made
:this field "*LOCKED*" or "*NO LOGIN*"  to achieve the same purpose.

of interest.. no entry in the password field ( "*", null, random characters )
"locks" the account if the user has enabled no-password rlogin via a .rlogin
entry.  I suppose this is obvious, but I had to try it to find out.

In this case you can lock the user out by corrupting his home directory entry
as well as his password.

-based on ten minutes of exhaustive testing on a sun4.
--
-george            george@mech.seas.upenn.edu