[plug] No passwd for user
Harry McNally
harrymc at decisions-and-designs.com.au
Fri Aug 2 10:38:27 WST 2002
On Fri, 2 Aug 2002 09:50:39 +0800 (WST) "Anthony J. Breeds-Taurima"
<tony at cantech.net.au> wrote:
> On Thu, 1 Aug 2002, I am the LinuxAlien wrote:
>
> > In Debian Woody I set the password policies to min letters=0, when it asks
> > for a passwd if i don't enter one it complains, if i enter something like
> > today it also complains that it is to simple. I need a simple user without
> > a password. Is this possible?
>
> By doing this you're asking everyone to have numberic passwords.
>
> You can (as root) passwd -d fred, to set fred's password to nothing
> or if you're (ver bad idea) making a policy decision that in gneral any user
> can set his/her password to '' then you need to change:
>
> password required pam_unix.so nullok obscure min=4 max=8 md5
> to *
> password required pam_unix.so nullok obscure min=0 max=8 md5
Hi Tony
Noting that you've said "this is very bad idea" but taking it further so I
understood what I was reading, I did:
/etc# grep -r password *
and discovered the files in /etc/pam.d (yeah righto .. still learning :)
Then:
/etc/pam.d# man pam.d
to learn more.
Since I've got this directory 'man pam.d' tells me this overrides the simple
/etc/pam.conf file.
My question is: were you advising Mr Alien to change just the entry in
/etc/pam.d/passwd ?
Alternatively, for his idea to work, must he also change the auth entries for
services to which the user is allowed access ?
I acknowledge that this allows the user to negate security somewhat (alot!) but
I'm interested from the general PAM adjustment perspective.
cu
Harry
--
linux.conf.au 2003 The Australian Linux Technical Conference
http://linux.conf.au/ 22-25 January 2003 in Perth, Western Australia
Are you a computer angel? http://www.ca.asn.au/
More information about the plug
mailing list