*lock* considered empty?
Darren Tucker
dtucker at zip.com.au
Sat Oct 18 14:02:07 EST 2003
James Dennis wrote:
>
> Is *lock* considered empty in regard to passwords? I have an account
> that was locked using *lock* as the password (not my system) and after
> upgrading to 3.7.1 we found that that account could not log in. After
> giving that account a password, it could login fine. We were using
> public key auth so passwords aren't even necessary for that account.
Not exactly. sshd now tests for locked accounts, but what constitutes
locked varies from platform to platform.
Currently, a literal "*lock*" isn't considered. The following strings
are:
Literal "*" Darwin, HP-UX
Literal "*LK*" IRIX, Solaris
Substring "Nologin" Tru64
Leading "!!" Linux
What platform are you using?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list