Login or Register to Ask a Question and Join Our Community


Solaris

Solaris 10 allow ssh login with empty passwd

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Solaris 10 allow ssh login with empty passwd
# 1  
Old 12-03-2009
Solaris 10 allow ssh login with empty passwd
I have turned off PermitEmptyPasswords in sshd_config, but a user with empty passwd (deleted by passwd -d user) can still login without password, why? it is big security concern, linux doesn't have the issue.


Code:
 
$ uname -a
SunOS  5.10 Generic_118855-14 i86pc i386 i86pc
 
$/etc/ssh/sshd_config
PermitEmptyPasswords no

# 2  
Old 12-03-2009
You likely forgot to have the configuration file read again by the daemon:
Code:
svcadm restart ssh

# 3  
Old 12-03-2009
Quote:
Originally Posted by jlliagre
You likely forgot to have the configuration file read again by the daemon:
Code:
svcadm restart ssh

sshd has been restarted, this sympthom exists on many hosts, I think it is Solaris weird default behaviour.
# 4  
Old 12-03-2009
Go to the user's home directory in the server.
Go to .ssh directory
Delete the authorized_keys file.
# 5  
Old 12-03-2009
Quote:
Originally Posted by sundar63
Go to the user's home directory in the server.
Go to .ssh directory
Delete the authorized_keys file.
it was not authenticated by ssh key, ssh -vv showed it succeeded by keyboard interactive.
# 6  
Old 12-03-2009
If PASSREQ macro in /etc/default/login is set to YES, then a user cannot have blank password.
# 7  
Old 12-03-2009
Quote:
Originally Posted by honglus
sshd has been restarted, this sympthom exists on many hosts, I think it is Solaris weird default behaviour.
I reproduced the issue on Solaris 10 update 4. It looks like a bug so might already be fixed in a patch. In any case, the same setting works as expected with OpenSolaris.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Passwd -f locks out login

hello; I have inherited a SunOS sjcorpftp 5.10 Generic_118855-36 i86pc i386 i86pc whenever someone needs a new password, I change it via "passwd username" then "passwd -f username" so they can change their password on my only sun sparc 5.9 you can "accessed denied" when you... (0 Replies)
Discussion started by: ikeleong
0 Replies

2. Cybersecurity

SSH password-less login issue between linux and solaris

Hello Gurus, I am trying to set up bidirectional password-less login between a linux and a Solaris. The way I am doing is very simple, which is creating pub/priv key pairs on each host and add the pub key to each other's authorized_keys file: ssh-keygen -t rsa (I tried dsa, and it didn't work... (4 Replies)
Discussion started by: error_lee
4 Replies

3. Solaris

Why unix passwd are hidden when while login

Hi, I might be stupid here to ask such question but I was just curious on ssh login to unix boxes (solaris). When we login to unix box, it asks for password, but while typing the password, the password characters (like asterik or anything) seems hidden. why it is so? Thanks (3 Replies)
Discussion started by: snchaudhari2
3 Replies

4. Solaris

Unable to login using ssh,telnet onto my solaris machine with solaris 10 installed

Hi, I am unable to login into my terminal hosting Solaris 10 and get the below error message "Server refused to allocate pty ld.so.1: sh: fatal: libc.so.1: open failed: No such file or directory " Is there anyways i can get into my machine and what kind of changes are required to be... (7 Replies)
Discussion started by: sankasu
7 Replies

5. Solaris

Force user to change passwd on first login

Hello All, How to force user to change his login passwd on his first login in solaris 10 ? while adding user do we need to set the password in theis case?? (7 Replies)
Discussion started by: saurabh84g
7 Replies

6. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

7. UNIX for Dummies Questions & Answers

Painfully Slow SSH login on Solaris box

Running open solaris on a e420 that I recently picked up. Having issues sshing to it from either of my Linux boxes as its very slow to login (from the solaris box to the linux box it connects just fine. Here is the output of ssh -vvv. I have hightlighted where it seems the slowdown is. Does... (0 Replies)
Discussion started by: creedog
0 Replies

8. Solaris

Solaris 9 slow login thru ssh & ftp

When I ssh to my box, an Ultra 5. I get prompted for password immediately. I enter it and have to wait sometimes a full minute for it to prompt for a password. The same thing happens when i try to ftp to the box, it will say connected, but it takes forever to prompt for password, and... (2 Replies)
Discussion started by: BG_JrAdmin
2 Replies

9. UNIX for Advanced & Expert Users

Solaris 9 remote login (ssh) drops connection

Hello All, I wonder if you can help me... Let me give you some set-up details before I ask you the question. I have Ultra-60 at home with Solaris 9 and recommended patch cluster installed. The machine is connected to a Linksys WAG54G ADSL router/modem through RJ45 ethernet cable. The... (2 Replies)
Discussion started by: ahmerin
2 Replies
Login or Register to Ask a Question