* [gentoo-dev] pam configuration
@ 2001-12-04 15:34 Tibor Rudas
0 siblings, 0 replies; only message in thread
From: Tibor Rudas @ 2001-12-04 15:34 UTC (permalink / raw
To: Gentoo Developer List
Hello
I seem to have a serious problem with nis-exported passwd-entries:
A single "*" in the password section of the passwd file does NOT lock
the given account! The user can just hit return at the password request
to log in. This seems to be not the case with local accounts.
Everything else is working splendid with nis. I do not have the "+"-entry
in my passwd file since it is not necessary on our other machines (I think
this is only needed when using 'compat' in nsswitch..?).
This can be cured by using pam_unix.so instead of pam_pwdb.so in
/etc/pam.d/login.
Strangely enough /etc/pam.d/sshd uses pam_pwdb.so as well but locks
out the user... ... actually it does not lock out the user but simply gives a
blank line after hitting return on the password request and can only be
stopped by Ctrl-C...
...and ssh does not use the 'nullok' modification given in /etc/pam.d/sshd
and locks out users with empty password field as well.
any help on this one?
regards
Tibor Rudas
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2001-12-04 15:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-12-04 15:34 [gentoo-dev] pam configuration Tibor Rudas
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox