How To: Change Your Password In The Terminal

It’s considered good form to change your password once in a while. This may not be something important for you, but others may appreciate it. It may be corporate policy or regulations that make you need to change your password, or you could just be more security minded than many others. No matter what, this article tells you how.

The tool we’re using in today’s exercise is called ‘passwd‘, which is a tool to help make and manage passwords. It’s a bit complicated, but it uses something called hashing and stores a hash instead of a plain-text password.

When you login, your password is checked against the hash that was created when the password was created. This prevents people from easily reading your stored password, stored of course because there must be something to check against.

If one remembers way back to the start of this project, my goal is to put my notes online. This article is in my notes, which is why this is such a simple article. Indeed, this article should be pretty straightforward and easy to understand. I’d definitely call it a beginner-friendly article.

Change Your Password:

Like most always, you need to open your terminal. You can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Once you have your terminal open, the command you’re looking for is:

If you already have a password, you’ll need to type your current password and then you’ll type the new password twice. When you logout or next need to use your password, your new password will be required. You don’t need ‘sudo’ for this, as the password you’re changing belongs to you.

Seeing as this is short, I’ll toss in another use of passwd. If you want to change the password for a different user, you just use this command:

Change the obvious to the obvious, specifically the username. This command does require ‘sudo’, because you’re changing a password that doesn’t belong to the current user.

There’s more that can be done with passwd, but those things are beyond the scope of this article. I’d expect to see some more passwd uses covered in the future, but you can get a head start by typing man passwd into your terminal and learning about the other options.

Closure:

That’s it, really. I told you that this one would be short and easy! Sure enough, it’s pretty easy. Many of my notes are regarding people who are new to Linux, but it’s still nice to get more of them online. I dare say we’re coming along nicely.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 0 Average: 0]

Guest Article: What Are SSH Keys?

The following article is a guest-written article from Andy Brooks (aka captain-sensible) about SSH keys. So, let’s put our hands together for a guest author and appreciate that I got a break from writing articles! Thanks, Andy!

There are a few articles about SSH already:

Install SSH to Remotely Control Your Linux Computers
Enable x11 Forwarding With SSH (Remotely Use GUI Applications)
How To: Change The Port SSH Uses

What Are SSH Keys?

Recently, I created an account for the AUR (Arch user repository) with a view to taking over an maintaining an Aurphan AUR package. On the registration form, which included the usual user name etc, was a text box asking for my SSH public key? You might wonder what is that, why do the AUR want it, and how are they going to use it?

Well the AUR would hold my public key and that would be associated with my user account. What I would want to do with the AUR for a package would be update the PKGBUILD file and get those changes published on AUR repository. So basically that would require getting access to the server of the AUR by logging in and then pushing up my changes to it.

So how are SSH keys involved in that process ? Well on my PC in my home folder there is a directory called .ssh inside are two text files called id_rsa id_rsa.pub. The information held inside the id_rsa.pub, the AUR has a copy of.

If and when I access AUR to make changes, to any package on the repo, there is an exchange of information over my terminal that I am using as a communication channel via ssh. The server sends a challenge, which is to see if my private key matches up with the public key which the AUR server is holding a copy of.

A couple of points are the process involves encryption and the only key that should be “given out” to anybody is the public key. The private key should be, well kept private and out of peoples hands. Putting it simply, ssh-keys are a way of securely giving users access to remote servers. Secure Shell was created in 1995 by Tatu Ylönen a Finnish national following a password-sniffing attack at his university.

Now for registration for accounts such as with the AUR, there are really only two things you need to do.

1) create as a “once off” a pair of private & public keyserver-options.
2) Give the details of the public key to the AUR server.

Creating SSH Keys:

Lets start with item 1):

ssh-keygen is a utility of openSSH so you need to install that, then from a terminal simply issue the command (as a normal user not sudo): ssh-keygen

To keep things simple, you can accept the defaults by hitting return button.

At the end you should see something like in the adjacent image.

ssh keygen
Yours should look pretty similar to this!

Note: At this point, you can generate a password/passphrase. Doing so can increase the level of security, but the choice is yours to make.

Now lets look at 2):

From your terminal, check you are in your home folder, or cd to it eg ($ cd ~ )
Then change directory into the .ssh directory with cd .ssh
Then get contents via cat
cat : [andrew@darkstar:~/.ssh]$ cat id_rsa.pub

You should get something like : ssh-rsa AAAAB3NzaC1yc2EAAAAD… There will be something like 569 chars in all. 

From the terminal you can just copy starting from the ssh-rsa ….. to the end; then you can just paste that into a text box asking for your public key.

A quick warning the two keys generated are a matched pair. Once you submit your public key, don’t just repeat the default way of generating keys otherwise the keys will be overwritten and then you will be rejected from getting access to where you last put your public keys.

Also to see the .ssh directory in your home folder, you may need to click view hidden files and dirs.

Closure:

And there you have it, a guest-authored article about SSH keys! I’m very grateful for the help. If you’re interested in writing an article, you can do that. The easiest way for you is to use the Contribute Your Article link at the top of any page. The easiest way for me is if you just register and ask to be made an author. Either is awesome and even if you’re an author I will still need to edit and schedule posts.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment

Smash a button!
[Total: 1 Average: 5]

Create A New User With SUDO Privileges In Ubuntu

It’s not unusual to want to create a new user with sudo privileges and it’s actually really easy. This will be just a quick article that explains how. It’s not exactly a complex operation.

This article doesn’t cover other distros! It has only been tested in a couple of Ubuntu derivatives and not all distros come with ‘adduser’. It should probably work if you install ‘adduser’ where available, but that’s entirely untested by me. Give it a shot and let me know in a comment if it works out for you.

You may want a multi-user environment, you may want different logs for different users, you may want some customization with one user, you might want to test things with a separate user, etc… There are tons of reasons for wanting a different account and wanting a new user with sudo privileges.

I shouldn’t need to mention this, but sudo stands for ‘superuser do’. Users that belong to the sudo group are pretty much omnipotent. They can access anything, change anything, and do anything they please. You’ll use sudo to do things like install software or edit system files.

Anyhow, I’ll explain how to create a new user with sudo privileges in this article. It’s a pretty easy task and you shouldn’t have much trouble with this one.

Create New User With SUDO Privileges:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

The tool we’ll be starting with is called ‘adduser‘, and the name tells you what it does. With your terminal now open, you start by entering the following to add a new user:

Once you’ve done that, you’ll be asked to type the new user’s password twice, and then you can fill in some additional information for that user. Those steps aren’t necessary, but you will want to add a password for the user – and definitely so because it’s an account that has access to sudo.

Now that you have created a new user, you’ll need to modify that user. The newly created user doesn’t come with sudo access by default, you need to grant it. The tool we’ll be using for this is ‘usermod‘ and the command to make the new account a new user with sudo privileges is:

At this point, you should be able to login and use the newly minted user account. Indeed, you should have a new user account and that new account should have sudo privileges.

CLOSURE:

See? I told you that this wouldn’t be a long or difficult article. If you want a new account and you want that account to have sudo privileges, it’s just a couple of easy commands away. This is yet another article in what’s turning out to be quite a long list of articles.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 3 Average: 5]

Strip Password From A Password-Protected PDF

One company likes to send me a password-protected PDF every month, and it can be a pain typing in the password every time. Fortunately, we don’t have to! To completely remove the password from password-protected PDFs, keep reading!

Now, there are times when removing the password from a password-protected PDF is against corporate policy or may be a violation of regulations. I suppose a good rule might be, “Don’t tamper with the password protection unless the PDF belongs to you.”

That said, it’s actually pretty easy to remove the passwords from password-protected PDFs. It’s easy and I’ll show you how! This won’t even have to be a very long article!

Remove Password From A Password-Protected PDF:

Like oh so many of my articles, this one starts with the terminal open. If you don’t know how to do that, it’s easy. Just use your keyboard and press CTRL + ALT + T and your default terminal emulator will open.

The tool we’ll be using is called ‘qpdf‘ and it describes itself as:

PDF transformation software

Once you have that open, one of the following should help you install qpfd:

Debian/Ubuntu:

Arch/Manjaro:

RHEL/Fedora:

Any of those should get you to the point where qpdf is installed, and there shouldn’t be (m)any dependencies. Using it is just as easy as installing it.

Obviously, you change “PASSWORD” to the password that’s used in the password-protected PDF to the actual password. You also use the name (and path) of the PDF and a new name for the new PDF that has no password. That will, of course, remove the password and you can delete the original after verifying that it worked.

BONUS:

You can actually use qpdf to make a password-protected PDF. It’s also easy and the command would look like this:

In this case, the PASSWORD is your new password and it must be typed twice. The 256 is the key-length used to encrypt the PDF. To get more information like that, just run:

In there, you’ll see that qpdf is really quite a potent application. It can do so much more than just stripping the password from a password-protected PDF. So, give that help file a scan and see what other features it has!

CLOSURE:

See? I told you that this article wouldn’t take all that long. Best part? It’s another in what’s a growing list of articles and it’s something you can actually use when you get a password-protected PDF. Again, if you’re gainfully employed or in a regulated occupation you may not want to remove the password protection.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 2 Average: 5]

How To: Use sudo Without A Password

It is possible to use sudo without a password. Doing so is probably a pretty bad idea for most people, but it can be done. Password-less sudo is an option that you have, but it’s one heck of a security risk.

I have pretty good physical security and the risks of someone physically accessing my devices are pretty minimal. There’s no neighbors that can access my WiFi, or anything like that. Because of this, I can, and sometimes do, set up my computers so that I don’t need to use a password when I use sudo.

I feel like I need to make this clear:

If you set it up to use sudo without a password, you’re removing a key security element. If you can use sudo without a password, so can’t someone who’d be doing so with malice aforethought. It’d be even more risky if you did this on a laptop that might get misplaced or stolen.

In short: DO NOT DO THIS (without considering the security implications).

By the way, if you don’t know what sudo is, it stands for “superuser do”. It’s what you use to temporarily elevate your permissions, to read, write, or execute administrative (or otherwise restricted) files. Basically, it turns you into an omnipotent administrator. 

Again, be careful before doing this. If it makes you an omnipotent user, it makes anyone that can access the device an omnipotent user. You have been warned. If you’re comfortable with your physical security, this is an option. It’s an option you should consider only with care and diligence. 

SUDO Without A Password:

     See Also: Generate Complex Passwords

Like so many things, this too starts in the terminal. As always, you can open your terminal with your keyboard, just press CTRL + ALT + T and your default terminal should open. Once it is open, enter the following to open the file with nano:

Arrow button yourself down to the bottom and add the following line:

Where it says “<your_username>” you change it to your username – without the brackets. So, if your username were the same as mine, you’d make a line that looks like:

The ‘kgiii’ is lowercase, and your username will be lowercase. If, for some reason, you don’t actually know your username, you can find it with:

Anyhow, after you’ve added that line, you can save the file. As we’re using nano, you save it by pressing CTRL + X, then Y, and then ENTER

That should get you sorted and you should now be able to use sudo without a password. If you are aware of the security implications, this may just be something you want to do. On the other hand, it’s not exactly taxing to type your password.

Closure:

And, once again, you have another article! I’ve reached the point where I have a small buffer. I could be offline for a few days and articles will still publish themselves. I’m hoping to get even further ahead, so we shall see how it goes.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 2 Average: 5]