Where is the system's "sys" user's password hash stored in Debian?

I want to get the password hash of the sys user in Debian (but the password is preferred). I heard that all password hashes are stored in the /etc/shadow file, but there isn’t a password hash for the sys user.

How to get it?

P.S. I have root access.

Asked By: Vad Sim

||

On a usual desktop installation, what you see in /etc/shadow is what you get, and the system users generally don’t have passwords set. They’re not used for interactive logins, so they don’t need passwords.

E.g. on the system I looked at, /etc/shadow has this line for sys:

sys:*:19101:0:99999:7:::

That * is where the password hash would be if the user had a password. But * is an invalid password hash, no password will produce it, so there is no password the user could log in with.

Note that if the password hash field was empty, it might allow login without entering a password. With the Linux PAM libraries, this is controlled by the nullok setting to pam_unix.so (man page):

nullok
The default action of this module is to not permit the user access to a service if their official password is blank. The nullok argument overrides this default.

(if it’s enabled, and the password is empty, the module doesn’t even ask for the password but accepts the login directly.)

If you really wanted, you could set a password for the system in the usual way, but I would suggest reconsidering what you’re doing; there’s probably a better way. Also note that they may not have a usable shell set either, e.g. on the system I looked, the sys user’s shell is set to /usr/sbin/nologin.

Answered By: ilkkachu
Categories: Answers Tags: , , ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.