20
4
I have a user without a password set (i.e. passwd -d).
I would not like to use public keys on this setup.
Is there a way to SSH login to such a user?
user53335
Posted 2012-01-29T17:30:15.127
Reputation: 237
Login with SSH user that has no password set
Answers
18
PermitEmptyPasswords yes then restart sshd ?
lovethebomb
Posted 2012-01-29T17:30:15.127
Reputation: 356
7@ProBackup you'll have to add ssh to /etc/securetty for this to work. – Ruslan – 2017-11-29T19:16:01.173
^ THIS, thanks @Ruslan ! – Tony Bogdanov – 2019-06-10T06:35:47.750
2This works, but is horribly insecure. – Piskvor left the building – 2012-01-31T12:31:26.940
For sure, but well, as said : I would not like to use public keys on this setup. – lovethebomb – 2012-01-31T16:43:18.480
4With Ubuntu 13.10 PermitEmptyPasswords yes doesn't let the user with an empty password set login, even after a reboot. – Pro Backup – 2014-02-12T06:42:08.013
2
If you just want to become the user in question, the simplest way is to log in as some other user (via ssh) and su $username. This requires root privilegies, but you could put the command in /etc/sudoers and only let your user execute that command as root.
If you really want to login through ssh (or remotely in some other way), you need to pick one of the following:
- Let anyone anywhere (or at least on the network you're on) login.
- Use a password to restrict who can login.
- Use certificates to restrict who can login. For ssh directly, this means a public/private key pair, either the ssh-style rsa pair or x509 (like for other ssl stuff).
Eroen
Posted 2012-01-29T17:30:15.127
Reputation: 5 615
This is a little confused: 1) su is not sudo 2) with sudo the "as root" does not apply. While using su is an option, I (as a former Unix sysadmin) would rather see a focus on the use of sudo. – reinierpost – 2012-01-31T11:07:18.603
I don't see what you mean. 1) sudo does not look like logging in as or switching to a user, su does. The op wanted to log in as some user, not execute commands as it. 2) sudo lets you execute commands as another user (see man sudo if you don't believe me). In this case you would like to execute su as root to avoid having to give a password for the user you switch into. 3) Different tools for different tasks, although I guess some people have higher tolerances than me for typing sudo -u postfix before their actual commands. – Eroen – 2012-01-31T13:35:04.597
2
Allow PermitEmptyPasswords in sshd_config and restart sshd.
user53335
Posted 2012-01-29T17:30:15.127
Reputation: 237
2Why would that help? – reinierpost – 2012-01-31T11:04:01.260
do you want to login as that user, or do you want to be sure that no one else logs in as that user? – Baarn – 2012-01-29T17:45:58.013