2

I see various examples of how to add a user on Ubuntu server

I have Ubuntu 10.04.2 LTS

I was logged in as root and, when running adduser, my SSH command line asked me for both a 'new password' AND then a 'new UNIX password'.

I was not quite sure what the difference is and was wondering why it asks for two types of password.

Why does the adduser command behave surprisingly and how do I go about investigating how and why it veers from the default Ubuntu behaviour?

```
# adduser joe
Adding user `joe' ...
Adding new group `joe' (1007) ...
Adding new user `joe' (1003) with group `joe' ...
Creating home directory `/home/joe' ...
Copying files from `/etc/skel' ...
Enter new password:
Retype new password:
Enter new UNIX password:
```

Update: Since gaining a better understanding of the issue from feedback from mattdm and AlexD, I have modified this question from its original form which was: "What's the difference between 'new UNIX password' and 'new password' on linux, when adding new user?"

JW01
  • 2
    Please post the contents of `/etc/pam.d/passwd`, and of any files that file includes. Thanks. – mattdm May 20 '11 at 13:24
  • I'm a bit hesitant to post a file called `passwd` onto the net. What kind of things would you look for in there that will help answer the question? – JW01 May 20 '11 at 18:23
  • 2
    Don't worry — it just contains the configuration for the PAM (Pluggable Authentication Modules) stack for the `passwd` program itself. Unless you've done something very strange to it, it's unlikely to have any sensitive information. (It is not, itself, a password file.) – mattdm May 20 '11 at 18:26
  • Thanks for your feedback. Having researched into the purpose of the `/etc/pam.d/passwd` file in general, I'm still hesitant about making it public. Your feedback has helped me to realise that I was asking the wrong question, so I have modified it accordingly in the hope that I can learn about how to solve the issue _in principle_ rather than just for this case. – JW01 May 20 '11 at 20:36
  • Okay. :) _Have_ you modified it from the default? – mattdm May 20 '11 at 20:40
  • No. It was one of the first commands I performed after receiving my welcome email from my hosting company and then logging in via ssh. Looking at my `/etc/pam.d/passwd` I notice that PLESK is doing some stuff. So, I'm going to try to work with that lead, rtfm and then come back if I have questions. – JW01 May 20 '11 at 20:47

3 Answers

3

As the adduser script just calls passwd, and there are no such strings as "Enter new password" or "Enter new UNIX password" in the /usr/sbin/passwd binary, but the latter string is found in /lib/security/pam_unix.so, I'd recommend checking /etc/nsswitch.conf and /etc/pam.d/* for something unusual related to passwords.

AlexD
1

It sounds like the adduser script you ran is broken in that it ran two different password setting programs. It's possible that the first one was a samba password or other alternate password system, but it's more likely just two different versions of the main system password program.

The concern here would be if your system is compromised. I would verify the binaries against the package database and make sure they have not been changed on you. It is possible to modify such a script to harvest passwords by asking for credentials an extra time.

Caleb
1

The behaviour of the adduser command is governed by configuration information that is stored in /etc/pam.d/passwd or files that it includes (i.e. /etc/pam.d/common-password).

PAM means Pluggable Authentication Modules.

This page gives some newbie-friendly insight into the workings of PAM (but it appears to relate to suse-linux, not Ubuntu):

This page gives some Ubuntu 10.04.2 LTS focused insight into the workings of PAM (but it appears to be aimed at the more experienced Linux user):

Between the two pages you might make sense of what's going on in the /etc/pam.d/passwd file.

JW01
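The check the answers above point to (reading `/etc/pam.d/passwd` and the files it includes for anything unusual), as an added example that is not part of any answer: it lists the `password` rules in stack order and reports modules that are not told via `use_authtok` to reuse an earlier module's new password, which is a heuristic for "may show its own prompt". The sample files are constructed and `pam_example_panel.so` is a hypothetical module name.

```python
import os, re, tempfile

NEVER_PROMPT = {"pam_deny.so", "pam_permit.so"}   # these modules only return a verdict
RULE = re.compile(r"-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)")  # type control module args

def password_stack(service, pam_dir="/etc/pam.d", seen=None):
    """Return (file, module, args) for every 'password' rule, following includes."""
    seen = set() if seen is None else seen
    path = os.path.join(pam_dir, service)
    if path in seen or not os.path.isfile(path):
        return []              # each file is read once, which also stops include loops
    seen.add(path)
    rules = []
    with open(path) as fh:
        for raw in fh:
            line = raw.split("#", 1)[0].strip()        # drop comments
            parts = line.split()
            if len(parts) == 2 and parts[0] == "@include":   # Debian/Ubuntu directive
                rules += password_stack(parts[1], pam_dir, seen)
                continue
            m = RULE.match(line)
            if not m or m.group(1).lower() != "password":
                continue
            control, module, args = m.group(2), m.group(3), m.group(4).split()
            if control in ("include", "substack"):
                rules += password_stack(module, pam_dir, seen)
            else:
                rules.append((service, os.path.basename(module), args))
    return rules

def may_prompt(rules):
    """Heuristic: modules not told (use_authtok) to reuse an earlier module's new password."""
    return [(f, m) for f, m, a in rules
            if "use_authtok" not in a and m not in NEVER_PROMPT]

def demo(unix_args):
    """Build a constructed pam.d tree and return the modules that may prompt."""
    files = {  # constructed sample, not the asker's configuration
        "passwd": "password required pam_example_panel.so\n@include common-password\n",
        "common-password": f"password [success=1 default=ignore] pam_unix.so {unix_args}\n"
                           "password requisite pam_deny.so\npassword required pam_permit.so\n",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, text in files.items():
            with open(os.path.join(d, name), "w") as fh:
                fh.write(text)
        return may_prompt(password_stack("passwd", d))

if __name__ == "__main__":
    print(demo("obscure sha512"))              # two modules may each ask for a password
    print(demo("obscure use_authtok sha512"))  # only the first module asks
```

On a real host, `may_prompt(password_stack("passwd"))` reads the live `/etc/pam.d` tree; more than one entry in the result is the place to start looking for a double prompt.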