© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Hi Jamie,
Firstly, I'm curious with what sshd_config settings does sshd allow you to connect having such root line in /etc/shadow without supplying password.
Because even if I supply this config (neither of which I use in practice):
PermitRootLogin yes
PasswordAuthent
I still can't login as root with empty password via SSH.
Secondly, while my original suggestion was wrong and nonull or nullok is not the main problem (it's just a coincidence that using nonull helps in my case), when you're disabling root login like this (exclamation mark in the password field, which has a special meaning of locking the account), do you realize you disable root login by SSH keys as well? It would have been much better to replace with an asterisk which achieves what you need to do and does not lock other people out.
/etc/shadow
root:!:
/var/log/auth.log
Dec 5 18:12:37 root sshd[3387]: User root not allowed because account is locked
Jan