[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Removing the number of installation screens (F-14)



Hi,

On 05/12/2010 09:01 AM, Ales Kozumplik wrote:
On 05/11/2010 04:28 PM, Hans de Goede wrote:

Read again, the default is yes, iow the default is to not allow empty.
The meaning
of this setting is:
no -> never
yes -> allow if a password is set
without-password -> allow even if the password is empty


but the manpage says "If this option is set to “without-password”,
password authentication is disabled for root."

are we reading the same manpage?


Yes we are, sorry you are right without password means that root login
is allowed, but only using other means then a password (such as a private
key).

Anyways the correct config file setting to look at is:

     PermitEmptyPasswords
             When password authentication is allowed, it specifies whether the
             server allows login to accounts with empty password strings.  The
             default is “no”.

Note I verified that with a default sshd_config and an empty root password logging
in as root is disallowed and it is.

Regards,

Hans


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]