/etc/usertty and SSH login

Andrew Daviel advax at triumf.ca
Wed May 15 10:12:40 EST 2002


I want to set up a machine which has an account with no password that can 
only be used locally, i.e. you cannot login over the network.
The machine is in a room which is normally locked. It needs access to the 
network for videoconferencing, and this seemed a reasonable way to do 
things rather than putting passwords on post-it notes or Web pages.

This is on a PC running RedHat Linux (7.0)

I thought I had this working by specifying an entry in
/etc/usertty - I could login from the console, but using ssh got a
password challenge.
When I tried to set it up on another machine I found that any non-null
string would work as a password logging in with ssh, and in fact that
I could login from other virtual consoles than the one I had listed.

I see that I can specify DenyUsers in sshd_config, which gives the effect 
I want (since telnet, rlogin etc. are disabled). But I wondered what was 
going on.

Hmm, if PermitEmptyPasswords  is set to yes, then I can login using ssh
with no password. With it set to no, sshd wants a password but it is 
ignored.

/etc/usertty is mentioned in the manpage and info page for "login",
but I can not see it in the binary nor see that it is even being accessed
so I wonder what gives (I know this isn't really an openssh question)

-- 
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376
security at triumf.ca







More information about the openssh-unix-dev mailing list