[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Problem with Redhat 6.0



Balaji Ramani wrote:

> On Fri, 30 Apr 1999, Robert Milkowski wrote:
>
> > On Thu, 29 Apr 1999, Balaji Ramani wrote:
> >
> > > Hi,
> > >
> > > I upgraded from 5.2 to 6.0 yesterday.  After the upgrade any user with a
> > > null password field could not log.  If the password field is non-null (a
> > > valid encrypted password), then the user can log on.  But in 5.2, users
> > > were able to log on with a password field in /etc/passwd.  Can someone
> > > help me here?
> > vi /etc/pam.d/(ssh|login|...) ?
>

hello, I don't have RH6 but on RH5.2 you have by default the nullok in each pam
configuration file (after pwdb)
Perhaps RH6 ships with this option disabled, which would be more secure.
In fact, this is better to disallow all null passwords and even use md5 (with
shadow)
I think this is explained in the RedHat documentation.

Matthieu Araman





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []