sshd: it is permit to login with a Empty Password

Matthew Miller mattdm at mattdm.org
Fri Nov 26 22:35:03 UTC 2004


On Fri, Nov 26, 2004 at 10:54:16AM +0100, Iago Rubio wrote:
> > > Put a non working shell as default for this user.
> > > [root at igloo root]# useradd -s /sbin/nologin nopasswd
> > That'll make it kind of hard for the user to get any work done, won't it?
> You've got a big bunch of users in your system with no login shells, and
> they get their work done.
> Check your /etc/passwd.

There's users and then there's users. :)

Not wanting regular (human) user accounts to be allowed to work with empty
passwords is a good precaution against accidents. (See
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=86414>, for an example
of something that could happen.)

Obviously your suggestion is good for system accounts.

-- 
Matthew Miller           mattdm at mattdm.org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>




More information about the devel mailing list