[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: sshd: it is permit to login with a Empty Password



On Fri, Nov 26, 2004 at 10:54:16AM +0100, Iago Rubio wrote:
> > > Put a non working shell as default for this user.
> > > [root igloo root]# useradd -s /sbin/nologin nopasswd
> > That'll make it kind of hard for the user to get any work done, won't it?
> You've got a big bunch of users in your system with no login shells, and
> they get their work done.
> Check your /etc/passwd.

There's users and then there's users. :)

Not wanting regular (human) user accounts to be allowed to work with empty
passwords is a good precaution against accidents. (See
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=86414>, for an example
of something that could happen.)

Obviously your suggestion is good for system accounts.

-- 
Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]