On Wed, 20 Feb 2002 oinkfreebiker@att.net wrote:

> But I need to create a user "vpnuser" who has now passwd.
> I tried using vipw and setting a star to the encrypted
> passwd for vpnuser --- but login still asks for a passwd

A star "*" is the password -- which can never be matched. If you have no
password then the field is empty "::", but that is bad (and probably not
what you want).

> -- and the old passwd no longer functions.

Of course, you replaced it. (Note that vipw under BSD is different than
standard Linux versions: you are actually editing the real user database
not the passwd file.)

> How do I make "vpnuser" passwordless for the VPN script
> of SSH-IP-TUNNEL?

I don't know about your actual setup, but I use ssh's RSAAuthentication or
PubkeyAuthentication for connecting without password (so it can connect
automatically).

Basically, you use ssh-keygen to generate your keys on the client system
without using a pass-phrase, and then copy the public key (identity.pub,
id_dsa.pub or id_rsa.pub) to the $HOME/.ssh/authorized_keys on the
server-side.

(You could also use other configurations to be more specific to users and
hosts.)

   Jeremy C. Reed
   http://www.reedmedia.net/