NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > OpenBSD Security> 2002-03

From: Andrey Smagin (andreysmagin.com)
Date: Sat Mar 02 2002 - 20:45:29 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I narrowed down the problem:

I was reminded (thanks a lot, Brad) to put 'PermitEmptyPasswords yes'
in sshd_config.

I created a user with a normal password, then reset the password to
zero value with vipw.

Now:
If 'PermitEmptyPasswords' is set to 'yes', then I can login with empty
password, which basically solves my problem.

If 'PermitEmptyPasswords' is set to 'no', than I can login only with
previously used password and I can not find any way to delete it
completely from the system, can only change it to non-zero value.

What is the reason for keeping the old password? Is there any way to
delete it?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]