[CentOS] SSH login from user with empty password
Michael Schultz
m.schultz at srz.de
Mon Oct 14 09:17:55 UTC 2013
Am 11.10.2013 14:51, schrieb Markus Falb:
>
> On 11.Okt.2013, at 10:58, Rainer Traut wrote:
>
>> Am 11.10.2013 09:27, schrieb Michael Schultz:
>>> Thanks everyone,
>>>
>>> secure log tells me exactly what the problem is:
>>> "User username not allowed because account is locked"
>>>
>>> Setting a password for that account unlocks it and ssh works as
>>> expected. I guess I have to work on my account creation routine.
>>>
>>>
>>
>> I haven't tried but
>> maybe you could just try the obvious and unlock the account?
>> I think it is
>> passwd -u [user]
>
> from the usermod and passwd manual page
>
> ... This puts a ´!´ in front of the encrypted password ...
> ... by prefixing the encrypted string with an ! ...
>
> What I have as an example
>
> /etc/passwd:login:x:10000:10000::/home/login:/bin/bash
> /etc/shadow:login:!!:15546:0:99999:7:::
>
> and ssh with keys works fine
> What is in Michaels passwd and shadow?
> Maybe he does not use shadow passwords and the behaviour is different ?
>
> Another thougt, are there any AVCs in /var/log/audit/audit.log, maybe it is a selinux issue?
>
> Michael?
>
My passwd and shadow look like the ones in your example, SELinux is
disabled.
I think I'm just going to set account passwords, SSH pubkey auth works
that way and it's a lot more secure.
Thank you again for your help everyone,
Michael
More information about the CentOS
mailing list