Depends on your full stack, but yes, this is the PAM behavior as checks
prior to this indicate a soft success. If you remove authentication from
your system, its expected that any attempt to access will pass, barring and
specific denial.
--On Monday, October 25, 2010 17:16 -0400 Brad Tilley <[email protected]>
wrote:
While experimenting with PCI DSS on a default Debian Linux system, I
found that when I comment out this line:
auth required pam_unix.so nullok_secure
in /etc/pam.d/common-auth, any account may ssh into the box by typing
anything as the password. Is this the desired behavior? I would think
that it would fail by default.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact
[email protected] Archive:
http://lists.debian.org/[email protected]
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/85db4032fbdb47dbec79c...@[192.168.1.66]
