Andrew Pantyukhin wrote:
On Tue, May 06, 2008 at 02:26:43PM -0400, T. wrote:
I didn't realize this before, but it came to my attention when
debugging PAM problems. Actually, sshd default does not allow
it, but another default is in enabling PAM. It's passing power
over to PAM which is allowing it.
I didn't see another way immediately available to fix it, so I
disabled PAM in sshd. Works as expected now.
Is there a PAM solution for this?
Is this intended to be the default behavior?
Now that you mention it, I also was under impression that the
reverse should be default. I'm no pam expert, but I thought
"nullok" was required in /etc/pam.d/sshd next to pam_unix in
order for empty passwords to work. But there's no "nullok" there
by default and empty passwords still work. Disturbing.
Tested on my 5.5 box. Same thing there.
Have been taking this for granted for a long time.
Ooops.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
