Re: [PLUG] Terminal/shell login with no password

Cosmin Nicolaescu on 19 Aug 2005 14:10:25 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Terminal/shell login with no password

From: Cosmin Nicolaescu <cos@camelot.homelinux.com>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Terminal/shell login with no password

Date: Fri, 19 Aug 2005 10:12:36 -0400 (EDT)

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: SquirrelMail/1.4.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, August 20, 2005 8:29 pm, Eric wrote: > I need some SysAdmin advice... > > I have a Red Hat box that I'm installing some software on and the users > expect > to connect with no password. I'm okay with that since it's not on the > network and they are all hard-wired terminals. First I tried zeroing out > the > password in the neat little gooey (GUI) tool but it won't let me save the > user that way. Failing that, I tried to replace the "x" in the password > file > with nothing. No joy - the login fails without even asking for the > password. > > Does this mean that I have to tinker with PAM? Last time I tried that I > froze myself out of the damn box so bad I had to boot into single user > mode > and un-do my mistake(s). Since then I've just left it alone :-) > > Thanks, > Eric > -- Just a quick question on the matter: how does the software connect? I mean, you're talking about blank passwords, and been getting the 'delete the password entries in /etc/shadow', but that would mean that the users would have no password...at all...unless you have PermitEmptyPasswords no in /etc/ssh/sshd_config, anybody will get in your box, if you have a mail server, then all imap/pop access will be passwordless... now, if you don't have any remote services, which means that in order to use that software the users would have to come to the machine locally and start the software, you might have some better options, but they all depend on how the software operates: 1. you edit /etc/pam.d/login to not check for password 2. you add a file to /etc/pam.d/ for this software, and bypass the password authentification (this requrires the software to support pam) 3. you add the users to a group and use sudo to give the users in that group access to the software with NOPASSWD (that would emply that everybody would run the software as the same user) 4. you have some sort of wrapper script Again, a description of what the software does and knowing how it works would be needed for the best solution, but all I'm trying to make sure is that you don't have a system out there on the net with n (where n>0) passwordless accounts. - -Cos - -- GPG key fingerprint = DE9F 4664 E666 2BD1 903E 4F4D EA31 5FB1 C7F9 08C1 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDBejU6jFfscf5CMERAuOWAJ0diDFK/58jZvYsXclXmpCHYPTkGQCglLdj ncbtjFhd6WZse5Dr/SEoD00= =rnN8 -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Terminal/shell login with no password
From: Eric <eric@lucii.org>

References:

[PLUG] Terminal/shell login with no password
From: Eric <eric@lucii.org>

Prev by Date: Re: [PLUG] Terminal/shell login with no password

Next by Date: Re: [PLUG] Re: Terminal/shell login with no password

Previous by thread: Re: [PLUG] Terminal/shell login with no password

Next by thread: Re: [PLUG] Terminal/shell login with no password

Index(es):

Date

Thread