Re: Any Account Logs In With Any Password

2010-10-25 Thread Michael Loftis
Depends on your full stack, but yes, this is the PAM behavior as checks prior to this indicate a soft success. If you remove authentication from your system, it's expected that any attempt to access will pass, barring any specific denial.

--On Monday, October 25, 2010 17:16 -0400 Brad Tilley

Re: Any Account Logs In With Any Password

2010-10-25 Thread Noah Meyerhans
On Mon, Oct 25, 2010 at 05:16:51PM -0400, Brad Tilley wrote:
> While experimenting with PCI DSS on a default Debian Linux system, I
> found that when I comment out this line:
>
> auth required pam_unix.so nullok_secure
>
> in /etc/pam.d/common-auth, any account may ssh into the box by t

Any Account Logs In With Any Password

2010-10-25 Thread Brad Tilley
While experimenting with PCI DSS on a default Debian Linux system, I found that when I comment out this line:

auth required pam_unix.so nullok_secure

in /etc/pam.d/common-auth, any account may ssh into the box by typing anything as the password. Is this the desired behavior? I would thi