New Snapshot password problem recognized [Solved]

[klamaux]

I put all your scripts and outputs in one file attached.
hope that helps to recognize the problem

Thanks. Hmm... that's a PDF not a text file...
Anyway. Let's see:
The iso-check to see whether we have the default passwords for root and demo on the ISO:
This is on the PDF file:

Code: Select all

sudo isomount snapshot-20221031_1539.iso
sudo grep -E 'demo|root' /mnt/iso/sq1/etc/shadow
root:$6$EXsoyVzjA73dLzJH$20oBidQ6O8Kw/T6CNgn4MsSJgp1RzKoekIS9Q8kH.19VhsaIbBR5VTfROP.4lbQWYiLctAZWViCXms6oZeYiV/:19090:0:99999:7:::
demo:$6$00.QWA6/nuUAwCgp$6zY9ZGc4MpNnZ.jfvkvFiDTANiT4q8Wj.2rECol6Al4xg/tv73NNLn5ogTapiXyaVQYEpjjqK1r3/AQ93sHN1/:19274:0:99999:7:::

let's verify the passwords using "mkpasswd password hash"-check:
demo:

Code: Select all

HASH='$6$00.QWA6/nuUAwCgp$6zY9ZGc4MpNnZ.jfvkvFiDTANiT4q8Wj.2rECol6Al4xg/tv73NNLn5ogTapiXyaVQYEpjjqK1r3/AQ93sHN1/'
mkpasswd demo "$HASH"
$6$00.QWA6/nuUAwCgp$6zY9ZGc4MpNnZ.jfvkvFiDTANiT4q8Wj.2rECol6Al4xg/tv73NNLn5ogTapiXyaVQYEpjjqK1r3/AQ93sHN1/

root:

Code: Select all

root:$6$EXsoyVzjA73dLzJH$20oBidQ6O8Kw/T6CNgn4MsSJgp1RzKoekIS9Q8kH.19VhsaIbBR5VTfROP.4lbQWYiLctAZWViCXms6oZeYiV/:19090:0:99999:7:::
HASH='$6$EXsoyVzjA73dLzJH$20oBidQ6O8Kw/T6CNgn4MsSJgp1RzKoekIS9Q8kH.19VhsaIbBR5VTfROP.4lbQWYiLctAZWViCXms6oZeYiV/'
mkpasswd root "$HASH"
$6$EXsoyVzjA73dLzJH$20oBidQ6O8Kw/T6CNgn4MsSJgp1RzKoekIS9Q8kH.19VhsaIbBR5VTfROP.4lbQWYiLctAZWViCXms6oZeYiV/

Seem's demo and root password are set on the ISO as it should be, as "demo" and "root".
Next, the scripts by DO:
On the PDF is seen this - wrapping into one line per command.

Code: Select all

user="$(whoami)"; 
sudo grep $user /etc/shadow; 
hash=$(sudo mkpasswd -m sha-512 "demo");
echo "demo hash is $hash"; 
sudo sed -r "s=^($user):[^:]*:=\1:$hash:=" /etc/shadow |grep $user

and you posted on the pdf this:

Code: Select all

user:$6$OlzZcNKz533xjqN5$n.dnSf0mgX1kxFSSLE3ccuRgMtjO.hDEO9UoFrszhx.9DdLTdg2gGG4Ntl3nQz.iG1SsmGsrIwwBCM1TH1fYm1:19274:0:99999:7:::
demo hash is $6$uHdAK1R3ATVMIKDC$bDNHa6yDOVWh59GIkB1f3bbZ8dmhS6SybhG7S9s3o5oXqFFCfnrrTYUMCjqEjkBDAH9F6erq/0VQ71yyJccul.
user:$6$uHdAK1R3ATVMIKDC$bDNHa6yDOVWh59GIkB1f3bbZ8dmhS6SybhG7S9s3o5oXqFFCfnrrTYUMCjqEjkBDAH9F6erq/0VQ71yyJccul.:19274:0:99999:7:::

The last two lines are fine and can verified to be valid has of demo passwords.
Now, let's look the first line, which shows the hash of the current user password:

Code: Select all

user:$6$OlzZcNKz533xjqN5$n.dnSf0mgX1kxFSSLE3ccuRgMtjO.hDEO9UoFrszhx.9DdLTdg2gGG4Ntl3nQz.iG1SsmGsrIwwBCM1TH1fYm1:19274:0:99999:7:::

let's try this test:

Code: Select all

HASH='$6$OlzZcNKz533xjqN5$n.dnSf0mgX1kxFSSLE3ccuRgMtjO.hDEO9UoFrszhx.9DdLTdg2gGG4Ntl3nQz.iG1SsmGsrIwwBCM1TH1fYm1'
mkpasswd demo "$HASH"
$6$OlzZcNKz533xjqN5$n.dnSf0mgX1kxFSSLE3ccuRgMtjO.hDEO9UoFrszhx.9DdLTdg2gGG4Ntl3nQz.iG1SsmGsrIwwBCM1TH1fYm1

Ooops.. the dispayed user password on the installed system is "demo"
But, this type of hash is not what normally the MX-Instalelr would generated,
b/c user passwords on installed don't use sha-512 "$6$' password hash#s but "$y$"-yescrypt -hash.
...
So, I'm not sure what all this is about.
The passwords on the snapshot-ISO are defaults.
The user password on installed system password shown is "demo",
The password hash is not one, which MX installer would create.
The information provided so far is inconsistent regarding the issue mentioned.

Hi Fehlix,
I think you should know one thing, what could be a reason for this trouble:
Sometimes it happens because of different computers and systems, I forget my password
and then I learned a trick to log in :
start a live system and edit the /etc/passwd by erasing the "x" after the user.
Then the system starts without asking for password and on the console the command passwd
lets you choose a new password.
The last years I was a little surprised, in the /etc/passwd was no more x after the user, but a hash-code.
But I didnt think about it.
After you answered me , I made a test on my system:
I deleted the hash after the user and replaced it by x
The result was: I couldnt log in with my normal password, but as I tried "demo", I came in.
So please let me know:
What was my fault in the procedure? And:
Could it be, the password procedure or behaviour of the system was changed during the last years?
For normal I would expect, by giving a new password would change /etc/passwd and /etc/shadow simultaneously.
Is that right?
Thanks for clearing!

[fehlix]

I think you should know one thing, what could be a reason for this trouble:
Sometimes it happens because of different computers and systems, I forget my password
and then I learned a trick to log in :
start a live system and edit the /etc/passwd by erasing the "x" after the user.
Then the system starts without asking for password and on the console the command passwd
lets you choose a new password.

Use chroot-rescue-scan from LiveUSB inseatd,
it gives you a chroot-terminal on the installed system, where you simply reset the installed user password like
this

Code: Select all

passwd myuser

What was my fault in the procedure?

I'm not sure what and how those issues have been created.
Quoting @user-green

I think you somehow modified account settings by yourself. As a result, you might encountered an unusual situation, I think.

Suggest, to make an additional fresh installation and start adjusting with your tweaks until the snapshot password issue shows up. And report here any modifications made. So we may see the issue.
Currently I can not see the reason, and you may be the only one with those.
( Also you may consider to adjust your text-reporting style using those [code]code-tags[/code]
b/c any additional extra pdf- or ocr-activities would not increase my motivation to look further into the issue.)

[Huckleberry Finn]

@klamaux

Here's how to:

[klamaux]

I think you should know one thing, what could be a reason for this trouble:
Sometimes it happens because of different computers and systems, I forget my password
and then I learned a trick to log in :
start a live system and edit the /etc/passwd by erasing the "x" after the user.
Then the system starts without asking for password and on the console the command passwd
lets you choose a new password.

Use chroot-rescue-scan from LiveUSB inseatd,
it gives you a chroot-terminal on the installed system, where you simply reset the installed user password like
this

Code: Select all

passwd myuser

What was my fault in the procedure?

I'm not sure what and how those issues have been created.
Quoting @user-green

I think you somehow modified account settings by yourself. As a result, you might encountered an unusual situation, I think.

Suggest, to make an additional fresh installation and start adjusting with your tweaks until the snapshot password issue shows up. And report here any modifications made. So we may see the issue.
Currently I can not see the reason, and you may be the only one with those.
( Also you may consider to adjust your text-reporting style using those [code]code-tags[/code]
b/c any additional extra pdf- or ocr-activities would not increase my motivation to look further into the issue.)

Thank you for overlooking the issue though my un-kind reporting style.
Huckleberry Finn gave me an introduction of accepted reporting-style.
Hope I can get it right. You speak german ,too.
Perhaps I need a translation what is meant with "code"
I chose pdf format, because one can copy the text and was hoping, you can quickly
make it unreadable for the public, when there was a security problem in the post.

I think for this time I know, what to do.
My system is renewed and I use the old one to make experi-ence/ments.
MX Linux is my favourite system and I use it as base in my office.
Because I need Windows too, I like virtualbox.
Because there was a USB3 Problem for Win10, I used 6.1.34 so far and not
the 36/38 version.
Hope the issue will disappear soon, because the update process is more difficult therefore.
But now there is version 40. Will test it soon.
Ciao have a good time, so long..

[klamaux]

so I close this theme,
thanks to all