[OE-core] [PATCHv2] openssh: allow login with empty password
Paul Eggleton
paul.eggleton at linux.intel.com
Mon Oct 14 11:27:45 UTC 2013
On Monday 14 October 2013 13:09:55 Koen Kooi wrote:
> Op 14 okt. 2013, om 12:37 heeft Paul Eggleton
> <paul.eggleton at linux.intel.com> het volgende geschreven:
> > On Monday 14 October 2013 12:09:37 Koen Kooi wrote:
> >> Currently both PAM and dropbear allow logins with empty passwords, but
> >> openssh doesn't. This commit changes the default in openssh to allow
> >> empty password logins.
> >>
> >> This should be changed to be a global config option in the long run.
> >>
> >> Signed-off-by: Koen Kooi <koen at dominion.thruhere.net>
> >> ---
> >> meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
> >> b/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config index
> >> 4f9b626..175e8f3 100644
> >> --- a/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
> >> +++ b/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
> >> @@ -59,7 +59,7 @@ Protocol 2
> >>
> >> # To disable tunneled clear text passwords, change to no here!
> >> #PasswordAuthentication yes
> >> -#PermitEmptyPasswords no
> >> +PermitEmptyPasswords yes
> >>
> >> # Change to no to disable s/key passwords
> >> #ChallengeResponseAuthentication yes
> >
> > We do already have logic in image.bbclass to set this based upon
> > debug-tweaks being in IMAGE_FEATURES; is that not working for you?
>
> I haven't tried that, but that still doesn't fix the inconsistency issues
> and presents problems during package upgrades.
It shouldn't be an issue for package upgrades - ${sysconfdir}/ssh/sshd_config
is included in CONFFILES for openssh-sshd.
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
More information about the Openembedded-core
mailing list