On Mon, Oct 25, 2010 at 05:16:51PM -0400, Brad Tilley wrote: > While experimenting with PCI DSS on a default Debian Linux system, I > found that when I comment out this line: > > auth required pam_unix.so nullok_secure > > in /etc/pam.d/common-auth, any account may ssh into the box by typing > anything as the password. Is this the desired behavior? I would think > that it would fail by default. If no authentication modules are 'required', then no authentication is required. Makes sense to me. noah
Attachment:
signature.asc
Description: Digital signature