boi nc service without a password

Questions and Answers : Windows : boi nc service without a password
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile Velez's

Send message
Joined: 30 Nov 02
Posts: 24
Credit: 1,685,966
RAC: 0
France
Message 189180 - Posted: 15 Nov 2005, 10:14:20 UTC

Hello all,

I installed the boinc service after adding a password to the user account since the boinc service setup would not allow the password field to be blank.

Now, I would like to remove the password for the windows user. But if I do that, the boinc service does not start when I type 'net start boinc'.

Is there a configuration file i can manually edit that will tell the boinc service there is no password on this account?

Thanks,
JV

ID: 189180 · Report as offensive
Profile barbarossa
Avatar

Send message
Joined: 4 Sep 99
Posts: 1294
Credit: 6,629,998
RAC: 3
Switzerland
Message 189188 - Posted: 15 Nov 2005, 10:41:55 UTC

Let's not confound the different passwords.

There are three of them and they have nothing to do with one another:

- Your account password in a project. It has only to do with attaching/connecting BOINC to a project and with your login on this website.

- The password in 'gui_rpc_auth.cfg', which has been introduced with ver. 5.2.2. Read about it in the BOINC-Wiki here

- The password for the service you installed. It is not needed by other users. The service even starts up witout anybody being logged in. Just leave it as it is.

:-)= Greybeard
All about BOINC: BOINC-Wiki (by Paul D. Buck)

ID: 189188 · Report as offensive
Profile Velez's

Send message
Joined: 30 Nov 02
Posts: 24
Credit: 1,685,966
RAC: 0
France
Message 189381 - Posted: 16 Nov 2005, 0:51:18 UTC - in response to Message 189188.  



- The password for the service you installed. It is not needed by other users. The service even starts up witout anybody being logged in. Just leave it as it is.

:-)= Greybeard


Actually, this is the password I want to remove. I understand a user does not need to be logged in.

I may have done something wrong at install; however, when I installed the boinc service, logged in as the Computer Administrator on my windows XP, I could not get the service to install if the password I used at install did not match the Windows XP password of the Computer Administrator account. I actually set a password for the Computer Administrator account in order to do the boinc service install.

However, for many different reasons, I do not want a password on the Computer Adminstrator account (which is the only account on the machine): I have a home network in which I share directories from a variety of XP machines to a Linux machine and vice versa; I also want the account to login automatically when my XP machine boots (to start other applications and monitoring reasons and so forth).

When I remove the Computer Administrator password, boinc won't start as a service. So, I'm thinking there is a config file where this password is located in boinc's service install files somewhere.

I'm wondering whether I can just tweak that file so I can remove the XP password.

JV
ID: 189381 · Report as offensive
Ken Phillips m0mcw
Volunteer tester
Avatar

Send message
Joined: 2 Feb 00
Posts: 267
Credit: 415,678
RAC: 0
United Kingdom
Message 189389 - Posted: 16 Nov 2005, 1:45:49 UTC - in response to Message 189381.  



- The password for the service you installed. It is not needed by other users. The service even starts up witout anybody being logged in. Just leave it as it is.

:-)= Greybeard


Actually, this is the password I want to remove. I understand a user does not need to be logged in.

I may have done something wrong at install; however, when I installed the boinc service, logged in as the Computer Administrator on my windows XP, I could not get the service to install if the password I used at install did not match the Windows XP password of the Computer Administrator account. I actually set a password for the Computer Administrator account in order to do the boinc service install.

However, for many different reasons, I do not want a password on the Computer Adminstrator account (which is the only account on the machine): I have a home network in which I share directories from a variety of XP machines to a Linux machine and vice versa; I also want the account to login automatically when my XP machine boots (to start other applications and monitoring reasons and so forth).

When I remove the Computer Administrator password, boinc won't start as a service. So, I'm thinking there is a config file where this password is located in boinc's service install files somewhere.

I'm wondering whether I can just tweak that file so I can remove the XP password.

JV


Why tweak anything? The simplest thing, as barbarossa suggested is to just leave it alone if it works. The service logon should start BOINC even if no-one signs into the computer.

It is also very dangerous to have a null 'administrator' level password, windoze is ropey enough as it is, without introducing more major security loopholes, but, I guess that you are fed up of typing passwords to get into your own computer.

As you have found out, if you set BOINC to use the administrator account then the password obviously has to match the administrator account as well, as BOINC then 'impersonates' the administrator to start the service, but, in the service logon you can't enter blank passwords - a quandry certainly.

So why not change BOINCS service logon to 'local system account', and set 'allow service to interact with desktop'? No password required, but, if using NTFS, you MUST then give the 'system' user read/write access to the BOINC directory, or check it already has.

Post back if you get stuck ;-)

TTFN, Ken P.
Ken Phillips

BOINC question? Look here



"The beginning is the most important part of the work." - Plato
ID: 189389 · Report as offensive
Profile Velez's

Send message
Joined: 30 Nov 02
Posts: 24
Credit: 1,685,966
RAC: 0
France
Message 189494 - Posted: 16 Nov 2005, 10:36:35 UTC - in response to Message 189389.  

Ken,

That's exactly what I wanted. Thanks.

I know it's not nice to have blank passwords but I'm not worried about any internal threats and remote desktop is disabled for accounts with blank passwords, to deal with external threats. In any case, I've disabled remote desktop altogether. If a hacker can get around that feature, I would assume they can slowly work their way around a password, as well (I know, am I crazy!?!?).

I monitor my systems fairly closely. If I do see something in the future, I guess I'll consider adding the password back. But I haven't had any issue over the past few years.

Thanks,
JV

ID: 189494 · Report as offensive

Questions and Answers : Windows : boi nc service without a password


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.