LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 05-21-2008, 03:56 AM   #1
xaverius
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Rep: Reputation: 0
configuring ssh & pam (OSX 10.5.2)


Hi,
There's a user on my machine with no password, and I want to log in over ssh with that account.
Problem is, ssh seems to deny empty passwords.

I've been messing around with /etc/sshd_config, and discovered that:
a) "permitEmptyPasswords no" is set by default, but enabling it doesn't work, because (I think)...
b) "UsePAM yes" is set too.

So I ignored the sshd_config file, and went to /etc/pam.d/sshd, these were the settings:
Code:
auth       required       pam_nologin.so
auth       optional       pam_afpmount.so
auth       sufficient     pam_securityserver.so
auth       sufficient     pam_unix.so
auth       required       pam_deny.so
account    required       pam_securityserver.so
password   required       pam_deny.so
session    required       pam_launchd.so
session    optional       pam_afpmount.so
Setting "auth optional pam_deny.so" (instead of required) enabled me to log in using no password for that account, but apparently also disabled ALL passwords - anybody could log in with no password, and that's obviously not what I want.

Can't figure out what to do now, so I hope there's somebody who can tell me what to do?
 
Old 05-21-2008, 04:47 AM   #2
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
why do you not set a password for that specific user, and setup ssh key authentication?
 
Old 05-21-2008, 05:00 AM   #3
xaverius
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
because it's not my account, and that user doesn't want one...
I just wanted to know: why does ssh deny empty passwords by default, and how do I change that?
 
Old 05-21-2008, 05:06 AM   #4
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
it denys it because it's a security problem otherwise!

you could still setup an ssh key authentication without the user having a password.

do this by running ssh-keygen on your computer, and add the contents of the file ~/.ssh/id_(rsa|dsa).pub to the users ~/.ssh/authorized_keys file on the remote host.

there are also some settings in the sshd file you could change, in case this is disabled by default on os x
 
  


Reply

Tags
os x, pam, sshdconfig


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh -x on a mac osx to a Linux computer 1veedo Linux - General 6 09-19-2007 05:22 PM
Is there an easy way of configuring pam in linux? ravee Linux - Security 2 10-22-2005 08:50 AM
configuring pam digsby0007 Linux - Software 0 08-11-2004 01:04 PM
ssh. a problem using OSX to get into redhat9 thriller Linux - General 2 07-05-2004 08:34 PM
Configuring /etc/pam.d/passwd module plexus Linux - Security 2 05-25-2004 07:55 PM


All times are GMT -5. The time now is 07:02 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration