Re: bin/58005: passwd always errors out; cannot change passwords anymore

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,michael.cheponis%gmail.com@localhost
Subject: Re: bin/58005: passwd always errors out; cannot change passwords anymore
From: Michael Cheponis <michael.cheponis%gmail.com@localhost>
Date: Fri, 8 Mar 2024 09:00:02 +0000 (UTC)

The following reply was made to PR bin/58005; it has been noted by GNATS.

From: Michael Cheponis <michael.cheponis%gmail.com@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: bin/58005: passwd always errors out; cannot change passwords anymore
Date: Fri, 8 Mar 2024 00:56:44 -0800

 --00000000000037766106132261a2
 Content-Type: text/plain; charset="UTF-8"
 Content-Transfer-Encoding: quoted-printable
 
 This is interesting.
 
 # more passwd.conf
 #       $NetBSD: passwd.conf,v 1.4 2021/10/26 20:44:45 nia Exp $
 #
 # passwd.conf(5) -
 #       password configuration file
 #
 
 default:
         localcipher =3D argon2id
         ypcipher =3D old
 
 
 cat /usr/mac/SS/root/etc/passwd.conf    <--- Where the very old saved /etc
 is.
 default:
   localcipher =3D sha1
   ypcipher =3D sha1
 
 
 Do I need to change the passwd.conf so ypcipher =3D argon2id ?
 
 
 Just to emphasize, this must have been changed by sysupdate when I went
 from _RC3 to _RC5
 
 Thank you,
 Mike
 
 
 On Thu, Mar 7, 2024 at 2:30=E2=80=AFAM Michael van Elst <mlelstv%serpens.de@localhost=
 > wrote:
 
 > The following reply was made to PR bin/58005; it has been noted by GNATS.
 >
 > From: mlelstv%serpens.de@localhost (Michael van Elst)
 > To: gnats-bugs%netbsd.org@localhost
 > Cc:
 > Subject: Re: bin/58005: passwd always errors out; cannot change passwords
 > anymore
 > Date: Thu, 7 Mar 2024 10:29:11 -0000 (UTC)
 >
 >  michael.cheponis%gmail.com@localhost writes:
 >
 >  >4. I saved /etc so I copied into /etc a previous version of spwd.db
 >  >5. This allowed logging in to the machine.
 >  >6. passwd always fails henceforth like this:
 >
 >  >Couldn't generate salt.
 >  >Unable to change auth token: Error in service module
 >
 >  >passwd.conf:    localcipher =3D argon2id
 >
 >
 >  This happens when passwd.conf is bad and the "localcipher" (or
 >  "ypcipher" for NIS accounts) is unknown.
 >
 >  Can you please check your passwd.conf file ?
 >
 >
 >  N.B. spwd.db is generated. If it gets damaaged, I'd check/recover the
 >  source (aka the passwd.master file) and rebuild spwd.db.
 >
 >
 
 --00000000000037766106132261a2
 Content-Type: text/html; charset="UTF-8"
 Content-Transfer-Encoding: quoted-printable
 
 <div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,he=
 lvetica,sans-serif;font-size:small">This is interesting.</div><div class=3D=
 "gmail_default" style=3D"font-family:arial,helvetica,sans-serif;font-size:s=
 mall"><br></div><div class=3D"gmail_default" style=3D"font-family:arial,hel=
 vetica,sans-serif;font-size:small"># more passwd.conf=C2=A0<br># =C2=A0 =C2=
 =A0 =C2=A0 $NetBSD: passwd.conf,v 1.4 2021/10/26 20:44:45 nia Exp $<br>#<br=
 ># passwd.conf(5) -<br># =C2=A0 =C2=A0 =C2=A0 password configuration file<b=
 r>#<br><br>default:<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 localcipher =3D argon2id=
 <br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 ypcipher =3D old</div><div class=3D"gmail_d=
 efault" style=3D"font-family:arial,helvetica,sans-serif;font-size:small"><b=
 r></div><div class=3D"gmail_default" style=3D"font-family:arial,helvetica,s=
 ans-serif;font-size:small"><br>cat /usr/mac/SS/root/etc/passwd.conf=C2=A0 =
 =C2=A0 &lt;--- Where the very old saved /etc is.<br>default:<br>=C2=A0 loca=
 lcipher =3D sha1<br>=C2=A0 ypcipher =3D sha1<br></div><div class=3D"gmail_d=
 efault" style=3D"font-family:arial,helvetica,sans-serif;font-size:small"><b=
 r></div><div class=3D"gmail_default" style=3D"font-family:arial,helvetica,s=
 ans-serif;font-size:small"><br></div><div class=3D"gmail_default" style=3D"=
 font-family:arial,helvetica,sans-serif;font-size:small">Do I need to change=
  the passwd.conf so ypcipher=C2=A0=3D argon2id=C2=A0?</div><div class=3D"gm=
 ail_default" style=3D"font-family:arial,helvetica,sans-serif;font-size:smal=
 l"><br></div><div class=3D"gmail_default" style=3D"font-family:arial,helvet=
 ica,sans-serif;font-size:small"><br></div><div class=3D"gmail_default" styl=
 e=3D"font-family:arial,helvetica,sans-serif;font-size:small">Just to emphas=
 ize, this must have been changed by sysupdate when I went from _RC3 to _RC5=
 </div><div class=3D"gmail_default" style=3D"font-family:arial,helvetica,san=
 s-serif;font-size:small"><br></div><div class=3D"gmail_default" style=3D"fo=
 nt-family:arial,helvetica,sans-serif;font-size:small">Thank you,</div><div =
 class=3D"gmail_default" style=3D"font-family:arial,helvetica,sans-serif;fon=
 t-size:small">Mike</div><div class=3D"gmail_default" style=3D"font-family:a=
 rial,helvetica,sans-serif;font-size:small"><br></div></div><br><div class=
 =3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu, Mar 7, 2024 =
 at 2:30=E2=80=AFAM Michael van Elst &lt;<a href=3D"mailto:mlelstv@serpens.d=
 e">mlelstv%serpens.de@localhost</a>&gt; wrote:<br></div><blockquote class=3D"gmail_qu=
 ote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,20=
 4);padding-left:1ex">The following reply was made to PR bin/58005; it has b=
 een noted by GNATS.<br>
 <br>
 From: <a href=3D"mailto:mlelstv%serpens.de@localhost"; target=3D"_blank">mlelstv@serpe=
 ns.de</a> (Michael van Elst)<br>
 To: <a href=3D"mailto:gnats-bugs%netbsd.org@localhost"; target=3D"_blank">gnats-bugs@n=
 etbsd.org</a><br>
 Cc: <br>
 Subject: Re: bin/58005: passwd always errors out; cannot change passwords a=
 nymore<br>
 Date: Thu, 7 Mar 2024 10:29:11 -0000 (UTC)<br>
 <br>
 =C2=A0<a href=3D"mailto:michael.cheponis%gmail.com@localhost"; target=3D"_blank">micha=
 el.cheponis%gmail.com@localhost</a> writes:<br>
 <br>
 =C2=A0&gt;4. I saved /etc so I copied into /etc a previous version of spwd.=
 db<br>
 =C2=A0&gt;5. This allowed logging in to the machine.<br>
 =C2=A0&gt;6. passwd always fails henceforth like this:<br>
 <br>
 =C2=A0&gt;Couldn&#39;t generate salt.<br>
 =C2=A0&gt;Unable to change auth token: Error in service module<br>
 <br>
 =C2=A0&gt;passwd.conf:=C2=A0 =C2=A0 localcipher =3D argon2id<br>
 <br>
 <br>
 =C2=A0This happens when passwd.conf is bad and the &quot;localcipher&quot; =
 (or<br>
 =C2=A0&quot;ypcipher&quot; for NIS accounts) is unknown.<br>
 <br>
 =C2=A0Can you please check your passwd.conf file ?<br>
 <br>
 <br>
 =C2=A0N.B. spwd.db is generated. If it gets damaaged, I&#39;d check/recover=
  the<br>
 =C2=A0source (aka the passwd.master file) and rebuild spwd.db.<br>
 <br>
 </blockquote></div>
 
 --00000000000037766106132261a2--

Prev by Date: Re: bin/58005: passwd always errors out; cannot change passwords anymore
Next by Date: Re: kern/58009: ffs_newvnode panic while untarring comp.tar.xz
Previous by Thread: Re: bin/58005: passwd always errors out; cannot change passwords anymore
Next by Thread: Re: bin/58005: passwd always errors out; cannot change passwords anymore
Indexes:

Home | Main Index | Thread Index | Old Index