I noticed in my /etc/passwd and /etc/shadow files that there are system users by the name of squeezecenter and nobody. The presence of these users don’t concern me, but I’m wondering if I should be concerned of the following:
- Both “nobody” and “squeezecenter” users have /bin/sh set to their default login shell.
- Both users have hashed passwords in /etc/shadow.
- Both users are allowed to login
Should this concern me? /etc/ssh/sshd_config doesn’t specify that those users can’t login either. I’m worried that somewhere there is a default password for these users (since there is a hashed password in /etc/shadow) and that someone could potentially login to my EX2 server without me knowing.
Any thoughts? I’m not a Linux expert by any means so I’d love someone to quell my fears!