I stumbled accross this problem when trying to create new FTP users for vsftpd.
Upon creating a new user with the following command and attempting login with FileZilla, I would get an "incorrect password" error.
useradd f -p pass -d /home/f -s /bin/false
After doing this, /etc/shadow contains
f:pass:1111:0:99:2:::
Once I run the following command and provide the same pass pass
passwd f
/etc/shadow contains
f:$1$U1c5vVwg$x5TVDDDmhi0a7RWFer6Jn1:1111:0:99:2:::
It appears that encryption happens when I run passwd, but doesn't upon useradd
Importantly after doing this, I am able to login to FTP with the exact same credentials.
I am using CentOS 5.11, vsftpd for FTP, and FileZilla for FTP Access
/var/log/secure contains:
Dec 17 useradd[644]: new group: name=f, GID=511
Dec 17 useradd[644]: new user: name=f, UID=511, GID=511, home=/home/f, shell=/bin/false
Why does it not work when I pass -p pass
to useradd? What do I need to do to make it work?
Best Answer
That is working as intended. If you want to set a password using the
useradd
command, you are supposed to give a hashed version of the password touseradd
.The string
pass
does satisfy the format criteria for the hashed password field in/etc/shadow
, but no actual password hashes to that string. The result is that for all intents and purposes, that account will behave as having a password, but any password you try to use to access it will be rejected as not being the correct password.See
man useradd
or the useradd documentation: