What are the default passwords of these users: nobody, daemon, uucp, etc.?

Solution 1:

what are default password of these users : root, daemon, bin, sys, sync, games, man, lp, mail, news, uucp, nobody.

You can check the status by looking in the shadow password file (/etc/shadow) at the second field. By default these accounts are locked (the password is set to *), which disables logins.

Can anyone login through ssh or ftp by these users ??

Not unless you have set a password for them.

Solution 2:

If you would look at the password file you would see that these have a specific setting (games used as an example):

$ more /etc/passwd|grep games
games:x:5:60:games:/usr/games:/bin/sh

The 1st three (: is the separator):

  • name
  • password. An x character indicates that encrypted password is stored in /etc/shadow file.
  • user ID (UID): 1-99 are reserved for other predefined accounts.

The password is hashed (if it starts with a $ it is encrypted).

Regarding /etc/shadow

If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means).


Can anyone login through ssh or ftp by these users ??

Not by default. In theory you can create a user named games as an actual user or change the pwd of the user games.

Solution 3:

Logins like nobody will typically be "locked", so it is not possible to log in as them using a password (in any way, not SSH, not FTP, not the su command etc)

http://manpages.ubuntu.com/manpages/hardy/man1/passwd.1.html

-l, --lock
    Lock the named account. This option disables an account by changing
    the password to a value which matches no possible encrypted value,
    and by setting the account expiry field to 1.

However, if you have sudo access you can switch to these accounts with a command like this:

$ sudo su nobody

This is because the super-user can change to any account without entering a password