Dario Lesca said: > On a standard installation of FC1 and FC2 (and FC3?) is permit to login > with a user with a empty password ... is this correct? No, it doesn't. > [root@igloo root]# man sshd_config > >> PermitEmptyPasswords >> When password authentication is allowed, it specifies whether the >> server allows login to accounts with empty password strings. The default >> is no?. The default is to not allow empty password strings. > [root@igloo root]# grep PermitEmptyPasswords /etc/ssh/sshd_config > #PermitEmptyPasswords no If, for what ever reason I can't conceive, you would want to allow people to log in via ssh without a password, uncomment this line and change it to "yes". First, though, make sure your machine is sufficiently isolated from any insecure network (like the Internet). -- William Hooper
