sshd: it is permit to login with a Empty Password

[William Hooper]

Dario Lesca said:
> On a standard installation of FC1 and FC2 (and FC3?) is permit to login
> with a user with a empty password ... is this correct?

No, it doesn't.

> [root at igloo root]# man sshd_config
>
>> PermitEmptyPasswords
>> When password authentication is allowed, it specifies whether the
>> server allows login to accounts with empty password strings.  The default
>> is no.

The default is to not allow empty password strings.

> [root at igloo root]# grep PermitEmptyPasswords /etc/ssh/sshd_config
> #PermitEmptyPasswords no

If, for what ever reason I can't conceive, you would want to allow people
to log in via ssh without a password, uncomment this line and change it to
"yes".  First, though, make sure your machine is sufficiently isolated
from any insecure network (like the Internet).

-- 
William Hooper