[OE-core] [PATCH 2/2] openssh: allow empty passwords if PAM allows it as well
Koen Kooi
koen at dominion.thruhere.net
Sun Oct 13 15:30:08 UTC 2013
Op 13 okt. 2013, om 15:39 heeft Richard Purdie <richard.purdie at linuxfoundation.org> het volgende geschreven:
> On Sun, 2013-10-13 at 12:01 +0200, Koen Kooi wrote:
>> Op 12 okt. 2013, om 10:37 heeft Richard Purdie <richard.purdie at linuxfoundation.org> het volgende geschreven:
>>
>>> On Fri, 2013-10-11 at 15:37 +0200, Koen Kooi wrote:
>>>> Signed-off-by: Koen Kooi <koen at dominion.thruhere.net>
>>>> ---
>>>> meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config | 2 +-
>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config b/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
>>>> index 4f9b626..175e8f3 100644
>>>> --- a/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
>>>> +++ b/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
>>>> @@ -59,7 +59,7 @@ Protocol 2
>>>>
>>>> # To disable tunneled clear text passwords, change to no here!
>>>> #PasswordAuthentication yes
>>>> -#PermitEmptyPasswords no
>>>> +PermitEmptyPasswords yes
>>>>
>>>> # Change to no to disable s/key passwords
>>>> #ChallengeResponseAuthentication yes
>>>
>>> I'm struggling to connect the "if PAM allows it as well" part of the
>>> shortlog to this change? How is this conditional on PAM?
>>
>> If PAM disallows empty passwords this option doesn't do anything. The
>> PAM rules run before the openssh config options get applied.
>
> What if PAM isn't being used?
I haven't tested that, but I suspect it will only allow empty passwords if you set it to 'yes'.
regards,
Koen
More information about the Openembedded-core
mailing list