[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: sshd: it is permit to login with a Empty Password

From: Matthew Miller <mattdm mattdm org>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Subject: Re: sshd: it is permit to login with a Empty Password
Date: Fri, 26 Nov 2004 17:35:03 -0500

On Fri, Nov 26, 2004 at 10:54:16AM +0100, Iago Rubio wrote:
> > > Put a non working shell as default for this user.
> > > [root igloo root]# useradd -s /sbin/nologin nopasswd
> > That'll make it kind of hard for the user to get any work done, won't it?
> You've got a big bunch of users in your system with no login shells, and
> they get their work done.
> Check your /etc/passwd.

There's users and then there's users. :)

Not wanting regular (human) user accounts to be allowed to work with empty
passwords is a good precaution against accidents. (See
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=86414>, for an example
of something that could happen.)

Obviously your suggestion is good for system accounts.

-- 
Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>

References:
- sshd: it is permit to login with a Empty Password
  - From: Dario Lesca
- Re: sshd: it is permit to login with a Empty Password
  - From: Iago Rubio
- Re: sshd: it is permit to login with a Empty Password
  - From: Matthew Miller
- Re: sshd: it is permit to login with a Empty Password
  - From: Iago Rubio

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]