Package: dropbear Version: 0.52-4 Severity: minor Root has the null password so that people with physical access to a securetty can log in easily, and remote logins are forced to be key-based. This works with openssh-server, but with dropbear I get:
[2350] Nov 12 21:48:03 user 'root' has blank password, rejected Even though I'm not trying to log in with the password method, and indeed dropbear was started with -s. It seems to me that dropbear should allow key-based authentication even if the user has a null password -- at the very least this should be the case if -s is used. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org