| www.delorie.com/archives/browse.cgi | search |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sources.redhat.com/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Message-ID: | <001301c1c90d$00d1ecc0$6fc82486@medschool.dundee.ac.uk> |
| Reply-To: | "fergus at bonhard dot uklinux dot net" <fergus AT bonhard DOT uklinux DOT net> |
| From: | "fergus at bonhard dot uklinux dot net" <fergus AT bonhard DOT uklinux DOT net> |
| To: | <cygwin AT cygwin DOT com> |
| Cc: | <fergus AT bonhard DOT uklinux DOT net> |
| Subject: | Setting and using a password in W98 |
| Date: | Mon, 11 Mar 2002 14:57:02 -0000 |
| MIME-Version: | 1.0 |
| X-Priority: | 3 |
| X-MSMail-Priority: | Normal |
| X-Mailer: | Microsoft Outlook Express 6.00.2600.0000 |
| X-MimeOLE: | Produced By Microsoft MimeOLE V6.00.2600.0000 |
All this is in W98:
I pasted the output from crypt {mypassword}into the appropriate place in
/etc/passwd as shown
{myusername}:{output}:500:544::/home/{myusername}:/bin/bash
and now I get prompted for a password when starting Cygwin. Nice.
(This is when starting Cygwin with "c:\Cygwin\bin\rxvt -e /bin/login" but I
know there are lots of variations in how Cygwin may be started. Most of them
are successfully tripped up by this new setting.)
It's not really very secure, of course: anybody who knew even a bit about
things could hack /etc/passwd from Windows and climb in that way. But it
serves a small purpose. However: I hadn't expected that two of the simpler
startup modes
c:\Cygwin\bin\bash --login
and
c:\Cygwin\bin\bash --login -i
(the latter being exactly what's in c:\Cygwin\cygwin.bat) would both let me
straight in, by-passing the password protection.
Q1. Is there some way, in W98, that I can protect myself further?
By the way, other startup modes I have tried include
1. c:\Cygwin\bin\bash followed by ./login at the bash-2.05a$ prompt
2. c:\Cygwin\bin\rxvt followed by ./login at the $ prompt
3. c:\Cygwin\bin\login
4. c:\Cygwin\bin\rxvt -e /bin/login
5. c:\Cygwin\bin\rxvt -e /bin/bash --login
It is not easy to distinguish quite what's optimal/ redundant/ inefficient
here. I use (4) and have seen (5) recommended. (3) is beautifully sparse.
Several other possibilities, not all that different from these, are clearly
"wrong" in that they cause what looks like a working terminal window to be
flashed briefly to the screen before instantly disappearing. I'm sure there
are many other alternatives that work.
Summarising: I had been going to ask
Q2. what the "approved" startup sequence would be for somebody requiring
password protection and wanting also to start in a rxvt terminal. Is it (4)?
Q3. Could the contents of c:\Cygwin\cygwin.bat be "officially" tweaked to
c:\Cygwin\bin\login in order to gain the password-protection that is not
conferred by the current contents of c:\Cygwin\cygwin.bat, or would this
change simply induce other, different, equally bad consequences?!
Fergus
Fergus
Fergus
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |