keep-calm-and-learn-cloud-computing
Test Preparation Checklist by Dr. Richard Felder
May 10, 2020
active-directory
How to find if the windows server is in an Active Directory domain via PowerShell?
May 10, 2020

How to remove password from /etc/shadow

/ets/shadow

The /etc/shadow file stores actual password in encrypted format and other passwords related information such as user name, last password change date, password expiration values, etc,.

Historically, the /etc/passwd file used to store all login information in a standalone Linux system. Later, due to following reasons password information was moved in /etc/shadow file.

  • The /etc/shadow file has nine fields to store encrypted password and other password related information.
  • The /etc/shadow file supports all advanced algorithms and has plenty of room for further updates.
  • The /etc/shadow file is readable only by root user.

The fields in the shadow file are separated by colons(:) and contain the following information:

root:$6$.n:12236:0:66669:7:::
[--] [----] [--] - [---] ----
|      |      |   |   |   |||+-----------> 9. Unused
|      |      |   |   |   ||+------------> 8. Expiration date
|      |      |   |   |   |+-------------> 7. Inactivity period
|      |      |   |   |   +--------------> 6. Warning period
|      |      |   |   +------------------> 5. Maximum password age
|      |      |   +----------------------> 4. Minimum password age
|      |      +--------------------------> 3. Last password change
|      +---------------------------------> 2. Encrypted Password
+----------------------------------------> 1. Username

Two ways to remove the password from /etc/shadow file

1. Using command 
passwd -d <user_name>
Ex. For root
passwd -d root

That’s all, you are done. Try logging with that user and it should skip the logging.

2. Editing the /etc/shadow
You can also manually edit /etc/shadow.
(Take a backup copy first. Be sure that you can log even if you mess up, for example from a rescue system.)
Search for “root” and delete the second field (everything between the first and second colon):
root:<delete_anything_here>:0:0...
Save the file, and try logging in as that user. It should skip the password prompt.

Good Option : Locking the password:
Rather than keeping blank password for user specially root, you can lock the password so that it will not match any passowrd.
passwd --lock root 
or 
passwd -l root

Bitnami