Ubuntu: using su for a user which does not have a password



Question:

I am creating a user using useradd command in Ubuntu which does not require that I set a password for the user. how ever when I try to use su command to login as that user, su requires me to enter a password anyway and exits "Authentication failure"

Could you please explain me how does su work and how can I login as a user which does not eave a password(like the default Ubuntu user in Amazon EC2) su requires me enter a password even when there is not password set on Ubuntu user

su requires me enter a password even when there is not password set on ubuntu user


Solution:1

For using su user1 as user2 you need to enter the password of user1 when doing this as standard user. A simple workaround however is doing it as root, as then no password is needed. I.e.: become root (using sudo su), then su into the user1 (using su user1). I do not understand why you want to su to ubunut when you already are that user (as indicated in your screenprint) but that is the way to go.

Make sure that the user is acutally a user account and not a system (service) account like mail


Following the comments below: sudo su user1 is quicker and will also allow you to go back to user2 with one, instead of two exit commands, as you only will create one instead of two login shells.


Solution:2

First it should be noted that by using su ubuntu one would end up using the current user's environment, while what one usually wants to do is to use the target user's environment; so sudo - ubuntu would be the way to go.

However, su is not documented enough, but the fact that to login as an user which has no password is not allowed is probably just su's policy.

To get the equivalent of su - ubuntu, which would be an interactive login shell as the user ubuntu, one might be tempted to run sudo su - ubuntu, which wouldn't prompt for a password; however this would be just redundant, since sudo itself provide this functionality on its own; using sudo su - ubuntu to get an interactive login shell as the user ubuntu would be exactly the same as running a script A which runs a script B in order to just run the script B.

So, to run an interactive login shell as the user ubuntu, just use sudo:

sudo -i -u ubuntu   

From the sudo manpage for Trusty:

  [...]       -i, --login                   Run the shell specified by the target user's password                   database entry as a login shell.  This means that login-                   specific resource files such as .profile or .login will be                   read by the shell.  If a command is specified, it is passed                   to the shell for execution via the shell's -c option.  If no                   command is specified, an interactive shell is executed.  sudo                   attempts to change to that user's home directory before                   running the shell.  The command is run with an environment                   similar to the one a user would receive at log in.  The                   Command Environment section in the sudoers(5) manual                   documents how the -i option affects the environment in which                   a command is run when the sudoers policy is in use.  [...]       -u user, --user=user                   Run the command as a user other than the default target user                   (usually root ). The user may be either a user name or a                   numeric user ID (UID) prefixed with the ‘#’ character (e.g.                   #0 for UID 0).  When running commands as a UID, many shells                   require that the ‘#’ be escaped with a backslash (‘\’).  Some                   security policies may restrict UIDs to those listed in the                   password database.  The sudoers policy allows UIDs that are                   not in the password database as long as the targetpw option                   is not set.  Other security policies may not support this.  [...]  

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »