I'm using the attached horrible patch to allow users with no password to
log in via public/private key. (Note there's a _separate_ test in the
actual password mechanism that vetos logins that way.)
This lets me switch systems from telnet to dropbear even when /etc is on
a read only filesystem.
Rob
No password is no reason to prevent key-based logins.
diff -ru dropbear.new/svr-auth.c dropbear/svr-auth.c
--- dropbear.new/svr-auth.c 2011-10-11 09:50:22.047129393 -0500
+++ dropbear/svr-auth.c 2011-03-02 07:23:36.000000000 -0600
@@ -249,7 +249,7 @@
return DROPBEAR_FAILURE;
}
- /* check for an empty password */
+ /* check for an empty password
if (ses.authstate.pw_passwd[0] == '\0') {
TRACE(("leave checkusername: empty pword"))
dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
@@ -257,6 +257,7 @@
send_msg_userauth_failure(0, 1);
return DROPBEAR_FAILURE;
}
+*/
TRACE(("shell is %s", ses.authstate.pw_shell))
