netbsd-bugs: bin/11445: sshd does not regard 'PermitEmptyPasswords no'

Subject: bin/11445: sshd does not regard 'PermitEmptyPasswords no'
To: None <gnats-bugs@gnats.netbsd.org>
From: None <hubert@feyrer.de>
List: netbsd-bugs
Date: 11/07/2000 20:22:10

>Number:         11445
>Category:       bin
>Synopsis:       sshd does not regard 'PermitEmptyPasswords no'
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 07 20:22:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     Hubert Feyrer
>Release:        1.5_BETA2
>Organization:
	
>Environment:
	
System: NetBSD miyu 1.5_BETA NetBSD 1.5_BETA (MIYU) #7: Sun Nov 5 04:07:53 MET 2000 feyrer@miyu:/usr/cvs/src-1.5/sys/arch/i386/compile/MIYU i386


>Description:
	I have an account with no password (don't ask), and would not
	like that someone can log into it from outside. I have the default
	of

		PermitEmptyPasswords no

	in /etc/sshd.conf, but it doesn't seem as if our sshd would
	care about that.

>How-To-Repeat:
	Add account with empty (::) passwort, do:

		ssh localhost -l account date

	see it work. Start setting up IPfilter.

>Fix:
	Unknown.
>Release-Note:
>Audit-Trail:
>Unformatted: