Change user without password linux

How to Switch (su) to Another User Account without Password

In this guide, we will show how to switch to another or a specific user account without requiring a password. For example, we have a user account called postgres (the default PostgreSQL superuser system account), we want every user (typically our PostgreSQL database and system administrators) in the group called postgres to switch to the postgres account using the su command without entering a password.

By default, only the root user can switch to another user account without entering a password. Any other user will be prompted to enter the password of the user account they are switching to (or if they are using the sudo command, they will be prompted to enter their password), if they don’t provide the correct password, they get an “authentication failed” error as shown in the following screenshot.

User Authentication Failure Error

You can use any of the two solutions provided below to solve the above issue.

1. Using PAM Authentication Module

PAM (Pluggable authentication modules) are at the core of user authentication on modern Linux operating systems. To allow users in a specific group to switch to another user account without a password, we can modify the default PAM settings for the su command in the /etc/pam.d/su file.

Add the following configurations after “auth sufficient pam_rootok.so” as shown in the following screenshot.

In the above configuration, the first line checks if the target user is postgres, if it is, the service checks the current user, otherwise, the default=1 line is skipped and the normal authentication steps are executed.

The line that follows checks if the current user is in the group postgres, if yes , the authentication process is considered successful and returns sufficient as a result. Otherwise, the normal authentication steps are executed.

Configure PAM to Allow Running Su Command without Password

Save the file and close it.

Next, add the user (for example aaronk) that you want to su to the account postgres without a password to the group postgres using usermod command.

Now try to su to the postgres account as the user aaronk, you should not be prompted for a password as shown in the following screenshot:

Add User to Group

2. Using Sudoers File

You can also su to another user without requiring a password by making some changes in the sudoers file. In this case, the user (for example aaronk) who will switch to another user account (for example postgres) should be in the sudoers file or in the sudo group to be able to invoke the sudo command.

Then add the following configuration below the line “%sudo ALL=(ALL:ALL) ALL” as shown in the following screenshot.

Add User to Sudoers File

Save and close the file.

Now try to su to the account postgres as the user aaronk, the shell should not prompt you to enter a password:

Switch to Other User Without Password

That’s all for now! For more information, see the PAM manual entry page (man pam.conf) and that of sudo command as well (man sudo).

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

We are thankful for your never ending support.

Источник

How to create a user without password in Linux

This article title may sound awkward to you, but it’s useful. You may ask, why would we want to create a user without a password. I thought that too, but my friend faced this question in one of the interviews.

So, I want to share this with users who are looking for an answer to this question. Practically it may not be useful, but you should know the answer.

This article shows you how to create a user account without a password OR an empty password on Linux.

What is passwd command?

The passwd command is one of the most frequently used command by Linux administrator’s to update users’ authentication tokens in the /etc/shadow file by calling the Linux-PAM and Libuser API’s.

What is useradd command?

Linux is a multi-user operating system that allows more than one user to interact with the system at the same time. The “useradd” command is used to create new user accounts. When executed, “useradd” command creates a new user account as per the options specified in the ‘/etc/default/useradd file’ & ‘/etc/login.defs’ file.

Now let’s delve into some of the methods used to create a user account without password:

Method-1: Creating a user without password using passwd command

You can create a user without a password on Linux using the “passwd” command as follows :

Run the useradd command to create a user account as shown in the example below.

Note: we can use the commands “useradd” or “adduser” interchangeably to create a user in Linux.

useradd is native binary compiled with the system. But, adduser is a perl script which uses useradd binary in back-end. adduser is more user friendly and interactive than its back-end useradd. There’s no difference in features provided.

Once you have created the user, use the passwd command to remove the user’s password.

Details:

• -f or —force Force operation
• -u or —unlock Unlock the password for the named account (root only)

Method-1.a: Using passwd comamnd

Alternatively, you can use the -d option with the passwd command to remove the password for a user.

Details:

• -d or —delete Delete the password for the named account (root only)

Now, you’ve created a user with “disabled password”. But when you try to access it, it will ask for the password at the same time not allowing you to login.

You might get an error message saying “Access denied”.

That’s the expected behavior and you will not receive an error message such as “No password, you cannot login”.

Method-2: Creating a user without password using chpasswd command

You can create a user with an empty password on Linux using the “chpasswd” command.

Run the below command to create a user account:

Once you have created the user, use the below command to remove the user’s password. The -e option expects a hashed password, but you are given a simple password, which is why it is not taken.

Details:

• -e or —encrypted Supplied passwords are encrypted

Method-3: Creating a user without password using useradd command

You can create a password-free user on Linux using the “useradd” command.

The -p option expects a hashed password, but you are provided with a simple password, which is why it is not taken.

Details:

• -p or —password Encrypted password of the new account

Method-3.a: Using /sbin/nologin shell

User account can be created with the /sbin/ nologin shell option. This shell usually does not allow the user to log in to the computer.

You will receive the following message when you attempt to switch the account from the root.

Details:

• -s or —shell Login shell of the new account

Method-3.b: Changing the shell to false

We can use the /bin/false option with the “useradd” command to create a new user without password. ‘/bin/false’ is just a binary that immediately exits, returning false, when it’s called. The user logs in and immediately sees the login prompt again.

This shell works exactly like the one above, and it does not allow the user to log in to the computer.

When you try to switch the account from the root you get nothing.

Method-3.c: Changing the shell to /dev/null

‘/dev/null’ is a simple device which is implemented in software and doesn’t correspond to any hardware device on the system.

dev/null looks empty when you read from it, whereas data written to this device simply “disappears.”

User can be disabled by changing the shell to /dev/null as shown below:

Closing Notes

You learnt different ways to create a user without a password in Linux.

If you found this article helpful, please do share with your friends and spread the knowledge. Please feel free to comment below if you have any queries/concerns. We will get back to you as soon as we can. Happy learning!

Источник

Change between user and root without password

How to ensure that all identity changes for a privileged user account belonging to the wheel group on a privileged user account are performed without having to provide a password without deleting the password for the root account?

2 Answers 2

It sounds like you want these users accounts to be able to sudo to root with out providing a password. If this is the case, this is actually quite easy.

You can create a file in /etc/sudoers.d to define the sudo behaviour and also to define sudo perimissions.

Say you have an account named a account defined named lindsay. You want Lindsay to have sudo access, without needing to type in her password when using sudo. To accomplish this you would do the following:

1. Create a new file in /etc/sudoers.d using your favourite text editor. In my example I’ll create a file in this location named lindsay since that’ll help to remember what this is for later.
2. Add the following single line of text to the newly created file and save the changes.

1. Next we need to set permissions of 0400 on this file:

That’s it! Our user Lindsay will now be able to sudo to root without re-authenticating by typing in her password. You can find more details about the syntax and some examples in the link below.

Be aware of the security implications of doing this since you are intentionally weakening the security of your Ubuntu installation.

Источник

How to switch users without entering password

I’m a newbie running Ubuntu 9.10. I have two users (wife and me), and each user’s screensaver is set to lock so that on wakeup, we get to choose which user’s desktop to go to. However, Ubuntu requires a password, so this is pretty tedious.

I’d like to switch users without entering any password. I know about this trick that works for the boot login, but it doesn’t deal with multiple users.

Is it possible to set empty passwords for users in Ubuntu, or skip the password in other ways?

(I’m expecting real Linux users to suggest that passwordless users must not get any rights and there be an admin user with a strong password. Yes, you’re right. But that’s not what this question is about. Thanks.)

2 Answers 2

There is a way to achieve password-less logins in GDM by monkeying with GDM and/or PAM configurations. This is not the same as setting an empty password, or having GDM auto-login a given user; and it only works in GDM — logging in on the text console, or via SSH, or using sudo, still requires a password.

This is from this recent post under an older UbuntuForums HowTo on enabling passwordless logins in GDM. I’ve used this method before with success, under Ubuntu 9.04; I don’t know if it’s still viable for Ubuntu 9.10.

Adding this line to the beginning of /etc/pam.d/gdm (make a backup!) tells PAM that the foo user doesn’t need to give a password to login to GDM:

If your users are all in some group (say, group family), you could give this capability to all family users with this line instead:

This works on the basic GDM login screen; I’m not sure if it will work with the coming-back-from-screensaver.

Источник

Creating a user without a password

I’m trying to create a user without password like this:

It’s created fine. But when I try to login under the git user I’m getting the password entering:

When I leave it empty I get an error:

6 Answers 6

The —disabled-password option will not set a password, meaning no password is legal, but login is still possible (for example with SSH RSA keys).

To create an user without a password, use passwd -d $username after the user is created to make the password empty. Note not all systems allow users with empty password to log in.

You’ve created a user with a “disabled password”, meaning that there is no password that will let you log in as this used. This is different from creating a user that anyone can log in as without supplying a password, which is achieved by specifying an empty password and is very rarely useful.

In order to execute commands as such “system” users who don’t log in normally, you need to hop via the root account:

If you want certain users to be able to run commands as the git user without letting them run commands as root, set up sudo (run visudo as root and add a line like %gitters ALL = (git) ALL ).

If you want to access the system under the git user you should use sudo:

Create an user with empty password

The password prompt still shows unfortunately.

But if you just hit enter without typing anything, and it logins as the user test-user-0 .

The -e flags tells chpasswd that the password is already encrypted, and U6aMy0wojraho is the hash of the empty string.

Tested on Ubuntu 18.04.

Terminal autologin with getty -a

On the terminal at least, you don’t need to create an user without a password to allow someone to not type their passwords every time.

So I believe that it should not be very hard to adapt that technique by modifying Ubuntu 18.04’s systemd init system scripts to setup a getty -a terminal as mentioned in that answer, although I haven’t tried to do it myself.

Источник