Login in linux terminal
Once you have your Linux system up and running, you will be presented with a prompt asking for your username. This is often referred to as the login prompt.
Debian GNU/Linux 3.0 debian tty1 debian login:_
Once you’ve entered your username, you will be prompted for a password:
debian login: guest Password:_
Like Unix, Linux is case sensitive, so you need to make sure that both your username and password are entered in the correct case.
You will notice that your password is not echoed to the screen as you type it; this stops someone from being able to read over your shoulder and make a note of your password.
A good rule of thumb is to keep usernames in all lowercase, as this keeps things simple.
However, passwords should be made as difficult as possible to guess; preferably they should consist of both upper and lower case letters, as well as numbers and punctuation marks.
Traditional Unix systems have an 8 character limit on usernames and passwords. However, Linux based operating systems have a limit of 256 characters. Most Linux distributions can also be configured to operate in «legacy mode», using 8 character usernames and passwords, and so allow better interoperability with existing Unix installations.
Once you’ve typed in your password hit enter and you should be greeted with a welcome screen and you should be presented with a shell prompt and a flashing cursor.
If you’re using the Virtual Linux Environment provided with this course, then your login name will be «student» and your password will be «student».
Debian GNU/Linux 3.0 debian tty1 debian login: student Password: Linux debian 2.2.20-idepci #1 Sat Apr 20 12:45:19 EST 2002 i686 unknown Most of the programs included with the Debian GNU/Linux system are freely redistributable; exact redistribution terms for each program are described in the individual files in /usr/share/doc/*/copyright Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. student@debian:~$ _
Once you’ve logged into the system for the first time, it is usually a good idea to set your password to something new, one that will be difficult for other people to guess.
The command to do this is «passwd» (short for «password»). This command should allow you to set your password on any Unix-like system.
You will be prompted for your old password, to ensure that it is really you at the keyboard, and you will then be prompted twice for your new password. This ensures that you don’t make a typo!
debian login: student Password: Linux debian 2.2.20-idepci #1 Sat Apr 20 12:45:19 EST 2002 i686 unknown Most of the programs included with the Debian GNU/Linux system are freely redistributable; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. student@debian:~$ passwd Changing password for student (current) Unix password: Enter new Unix password: Retype new Unix password: passwd: password updated successfully student@debian:~$ _
Once you’ve successfully changed your password, you can type the ‘exit’ command to exit out of the session.
Debian GNU/Linux 3.0 debian tty1 debian login: student Password: Linux debian 2.2.20-idepci #1 Sat Apr 20 12:45:19 EST 2002 i686 unknown Most of the programs included with the Debian GNU/Linux system are freely redistributable; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. student@debian:~$ passwd Changing password for student (current) Unix password: Enter new Unix password: Retype new Unix password: passwd: password updated successfully student@debian:~$ exit <enter>
The Password File
In the previous section, you saw that the system was able to validate your identity based on your username and password. In this section, we will look at the file which is commonly used to store this information.
One of the most important files on any Unix-like system is the password file; this file is located in the «/etc/» directory, and is called «passwd».
The file originated on Unix 7th Edition, and maintains the same format to this day: 7 colon-delimited fields. These fields are, in order:
- username
- password placeholder
- user id
- group id
- GECOS field
- home directory
- shell
The following is an excerpt from the password file:
user Name | Password Placeholder | User ID | Group ID | Gecos Field | Home Directory | Shell |
root | x | 0 | 0 | root | /root | /bin/bash |
Your » user id » is a numeric identifier, which the operating system uses to identify which files belong to you. The system always thinks of you in terms of a number! It uses the passwd file to convert the number into a more human-friendly form; your username. This username is a name that you have chosen or that has been given to you by the system administrator and is the name that you will use to log in to the system.
Your «group id» is very similar. A Unix group may contain none, one or more users, who will then be able to access the files and directories owned by that group, based on that groups permissions as discussed above. This is useful for sharing files between two people, as a file can only have one owner.
Most modern implementations make use of a concept called «User Private Groups» (UPG). This means that each user is assigned their own group, which is given the same name as their username. This user is the only member of that group.
The GECOS field was originally added to early Unix systems in order to enable interoperability with an operating system written by General Electric, called the General Electric Comprehensive Operating System (GECOS). Now the field is used to store your full name, and possibly your room and telephone number.
The final two fields are your home directory , where all your files are usually stored, as well as your choice of command shell .
On a traditional Unix system, an encrypted version of the password used to exist where the password placeholder field is now.
The password is encrypted with a one-way hash. This means that the password cannot be decrypted, but it does mean that people can try and guess your password.
The traditional encryption method was called the Data Encryption Standard (DES), but most recent versions of Unix, and most Linux distributions, default to using the MD5 (Message Digest 5) encryption method, which allows for much longer and difficult-to-compute passwords.
As computers became more and more powerful, it became feasible to try entire dictionaries of words to guess someone’s password.
To counter this, the encrypted password field was moved into a separate file which only the superuser could read. Under Linux based operating systems, this file is called the shadow password file (/etc/shadow).
The superuser, or «root user» has complete control over the whole system, and is able to even override normal file permissions. Normally this login account is only used by the system administrator when doing system maintenance work.
The shadow password file contains the username and its associated encrypted password, as well as other fields which deal with password and account expiry.
The system uses the /etc/group file to determine the mapping of group names to group numbers, as well as to determine the members of each group.
Linux login command
On Unix-like operating systems, the login command begins a new login session on the system.
This page covers the Linux version of login.
Description
The login program is used to establish a new session with the system. It is normally invoked automatically by responding to the «login:» prompt on the user’s terminal. login may be special to the shell and may not be invoked as a sub-process. When called from a shell, login should be executed as exec login which causes the user to exit from the current shell (and thus prevents the new logged in user to return to the session of the caller). Attempting to execute login from any shell but the login shell produces an error message.
The user is then prompted for a password, where appropriate. Echoing is disabled to prevent revealing the password. Only a small number of password failures are permitted before login exits and the communications link is severed.
If password aging is enabled for your account, you may be prompted for a new password before proceeding. You will be forced to provide your old password and the new password before continuing; refer to our passwd for more information.
Your user and group ID will be set according to their values in the /etc/passwd file. The value for $HOME, $SHELL, $PATH, $LOGNAME, and $MAIL are set according to the appropriate fields in the password entry. ulimit, umask and nice values may also be set according to entries in the GECOS field.
On some installations, the environment variable $TERM will be initialized to the terminal type on your tty line, as specified in /etc/ttytype.
An initialization script may also be executed; check the documentation of your command interpreter for information on init scripts.
A subsystem login is indicated by the presence of a «*» as the first character of the login shell. The given home directory will be used as the root of a new file system which the user is actually logged into.
Syntax
login [-p] [-h host] [username] [ENV=VAR. ]
login [-p] [-h host] -f username
Options
-f | Do not perform authentication; user is pre-authenticated. In that case, username is mandatory. |
-h | Name of the remote host for this login. |
-p | Preserve environment. |
-r | Perform autologin protocol for rlogin. |
Configuration
The following configuration variables in /etc/login.defs change the behavior of this tool:
By default, the ownership of the terminal is set to the user’s primary group and the permissions are set to 0600.
TTYGROUP can be either the name of a group or a numeric group identifier.
Files
/var/run/utmp | List of current login sessions. |
/var/log/wtmp | List of previous login sessions. |
/etc/passwd | User account information. |
/etc/shadow | Secure user account information. |
/etc/motd | System message of the day file. |
/etc/nologin | Prevent non-root users from logging in. |
/etc/ttytype | List of terminal types. |
$HOME/.hushlogin | Suppress printing of system messages. |
/etc/login.defs | Shadow password suite configuration. |
The -r, -h and -f options are only used when login is invoked by root.
Examples
Attempts to log in to the host computerhope.com.
Related commands
csh — The C shell command interpreter.
exit — Exit the command shell.
init — The parent of all processes on the system.
ksh — The Korn shell command interpreter.
mail — Read, compose, and manage mail.
mailx — Process mail messages.
newgrp — Log into a new group.
passwd — Change a user’s password.
rlogin — Begin a session on a remote system.
rsh — Execute a command on a remote shell.
sh — The Bourne shell command interpreter.
telnet — Connect to a remote system using the telnet protocol.
umask — Get or set the file mode creation mask.