RE: PubKey Auth and no password

Don't put a '*' in for the password. This means the account is disabled. OpenSSH checks for this. Instead, change the password for that user to something. Does matter what, could even be the username. Then edit the passwd (or shadow file) and insert a char. somewhere in the encrypted password string. This will make the password unusable, and make OpenSSH feel comfortable about the users account not being locked out.

-Carl

-----Original Message-----

From: Martin Arpon [mailto:marpon@yahoo.com] Sent: Thursday, August 14, 2003 9:17 AM
To: secureshell@securityfocus.com
Subject: PubKey Auth and no password

Hi. I configured a user to authenticate via public key without entering a password. Works fine. As this is the only method I want for that user, i removed his password (password = *). But then the user can 't login any more with public key (I assume it 's treated as disabled).

How can I define the user without giving it a password to be able to do pubkey auth?

SO: AIX 5.2 OpenSSH 3.6.1p2

Any tips appreciated. Regards,

Martin Arpon

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

ps. I 'm not suscribed. If you can, please CC me. Thanks.