Firewalls: shadow file in Solaris

Firewalls
(December 1995)

Indexed By Thread: [Previous] [Next]

Subject:	shadow file in Solaris
From:	toms @ trex . esy . com (Tom Sanders)
Date:	Tue, 19 Dec 1995 10:13:27 -0600
To:	firewalls @ greatcircle . com
Cc:	wesh @ newsnet . esy . com

Howdy,

Here is a newbie question. 

>From the Solaris 2.3 manpage on shadow:

---cut-----
password    A 13-character encrypted password for the  user,
                 a  lock string to indicate that the login is not
                 accessible, or no string, which shows that there
                 is no password for the login.
----cut-----
We run the TIS toolkit. We don't run NIS. The FW forwards mail to the inside.
My firewall shadow file has three TYPES of entries as follows:

root:Drf83xjd83jd83.3:9999::::::  <----- NOT my real root passwd! But waste
					your time if you want.
daemon:NP:6445:::::: 	<--- Is this the Lock string? or does NP=No passwd?
listen:*LK*:::::::		<--- Is this the Lock string? *LK*=LOCK?

Is it safer to just delete unnecessary accounts such as uucp, lp, listen,
 smtp etc?

If so which ones do we delete?

Are we paranoid? 

TIA

Tom
toms @
 esy .
 com

Indexed By Date	Previous:	Re: IPX connectivity outside of the firewall From: cjc @ novell . com (Chris Calabrese)
Indexed By Date	Next:	MorningStar DES From: Chris Tyler <chris @ dejong . com>
Indexed By Thread	Previous:	Re: Firewall-1, any hints or gotcha's in it's installation?? From: meiji!antonio @ uunet . uu . net (Antonio Devido)
Indexed By Thread	Next:	MorningStar DES From: Chris Tyler <chris @ dejong . com>