From: Paul Eggleton <paul.eggleton@linux.intel.com>
To: Koen Kooi <koen@dominion.thruhere.net>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCHv2] openssh: allow login with empty password
Date: Mon, 14 Oct 2013 12:27:45 +0100 [thread overview]
Message-ID: <3629318.cbsHQ1o6XL@helios> (raw)
In-Reply-To: <F5284B34-0CDB-4F68-93B1-E748158FF690@dominion.thruhere.net>
On Monday 14 October 2013 13:09:55 Koen Kooi wrote:
> Op 14 okt. 2013, om 12:37 heeft Paul Eggleton
> <paul.eggleton@linux.intel.com> het volgende geschreven:
> > On Monday 14 October 2013 12:09:37 Koen Kooi wrote:
> >> Currently both PAM and dropbear allow logins with empty passwords, but
> >> openssh doesn't. This commit changes the default in openssh to allow
> >> empty password logins.
> >>
> >> This should be changed to be a global config option in the long run.
> >>
> >> Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
> >> ---
> >> meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
> >> b/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config index
> >> 4f9b626..175e8f3 100644
> >> --- a/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
> >> +++ b/meta/recipes-connectivity/openssh/openssh-6.2p2/sshd_config
> >> @@ -59,7 +59,7 @@ Protocol 2
> >>
> >> # To disable tunneled clear text passwords, change to no here!
> >> #PasswordAuthentication yes
> >> -#PermitEmptyPasswords no
> >> +PermitEmptyPasswords yes
> >>
> >> # Change to no to disable s/key passwords
> >> #ChallengeResponseAuthentication yes
> >
> > We do already have logic in image.bbclass to set this based upon
> > debug-tweaks being in IMAGE_FEATURES; is that not working for you?
>
> I haven't tried that, but that still doesn't fix the inconsistency issues
> and presents problems during package upgrades.
It shouldn't be an issue for package upgrades - ${sysconfdir}/ssh/sshd_config
is included in CONFFILES for openssh-sshd.
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
next prev parent reply other threads:[~2013-10-14 11:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-14 10:09 [PATCHv2] openssh: allow login with empty password Koen Kooi
2013-10-14 10:37 ` Paul Eggleton
2013-10-14 11:09 ` Koen Kooi
2013-10-14 11:27 ` Paul Eggleton [this message]
2013-10-14 13:46 ` Mark Hatle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3629318.cbsHQ1o6XL@helios \
--to=paul.eggleton@linux.intel.com \
--cc=koen@dominion.thruhere.net \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox