Subject: Re: user without password?
To: Johnny Billquist <email@example.com>
From: Quentin Garnier <firstname.lastname@example.org>
Date: 04/18/2006 19:56:19
Content-Type: text/plain; charset=us-ascii
On Tue, Apr 18, 2006 at 07:34:39PM +0200, Johnny Billquist wrote:
> Hmmm. PAM rears it's ugly head? :-)
> Once you thought you knew how to get a Unix system to behave the way you=
> wanted. Now it's getting as obfuscated as windows? :-)
> This is really a case where PAM is meddling where it shouldn't. If you=20
> explicitly have an account without password, and you explicitly tell=20
> sshd that accounts without passwords are ok, then you would think that=20
> should be it. Is anyone but me thinking that we're getting too many=20
> subsystems dealing with the same issue here, which makes it very hard to=
> get things right?
Ideally, if UsePAM is set to yes, sshd shouldn't have to deal with
authentication *at all*. Even the public key scheme should go through
PAM,, in some way, because then it could be use by other applications
that have allow key exchange. Well, that's my idea of the question, at
> pancake wrote:
> >Disabling PAM works :) Thanks.
> >But ..now just for interest, what I've to do to make't work with PAM?
> >I've been testing with pam_guest.so guests=3Danoncvs nopass in=20
> >but looks like i'm doing something wrong.
> >So, thanks for the help.
> >On Tue, 18 Apr 2006 19:16:08 +0200
> >Quentin Garnier <email@example.com> wrote:
> >>On Tue, Apr 18, 2006 at 06:35:21PM +0200, pancake wrote:
> >>>Is it possible to create a user without password?
> >>>I've modified the master.passwd emptying the password field and=20
> >>>configured sshd properly, but seems that all the time asks for passwor=
> >>>any idea?
> >>You probably need to teach the relevant PAM module to accept empty
> >>passwords. Or just say "up yours" to PAM and set UsePAM to no in
> >>Quentin Garnier - firstname.lastname@example.org - cube@NetBSD.org
> >>"When I find the controls, I'll go where I like, I'll know where I want
> >>to be, but maybe for now I'll stay right here on a silent sea."
> >>KT Tunstall, Silent Sea, Eye to the Telescope, 2004.
> Johnny Billquist || "I'm on a bus
> || on a psychedelic trip
> email: email@example.com || Reading murder books
> pdp is alive! || tryin' to stay hip" - B. Idol
Quentin Garnier - firstname.lastname@example.org - cube@NetBSD.org
"When I find the controls, I'll go where I like, I'll know where I want
to be, but maybe for now I'll stay right here on a silent sea."
KT Tunstall, Silent Sea, Eye to the Telescope, 2004.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)
-----END PGP SIGNATURE-----