[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: passwordless root login

On Mon, Oct 13, 2003 at 02:24:54PM +0200, Haim Ashkenazi wrote:
> J. Bruce Fields wrote:
> 
> > On Mon, Oct 13, 2003 at 10:15:16AM +0800, Sacha Chua wrote:
> >> "J. Bruce Fields" <bfields@fieldses.org> writes:
> >> 
> >> > I'd like to configure a debian box to allow root logins without a
> >> > password; what do I need to do?  The relevant line in the password file
> >> > is
> >> > root::0:0:root:/root:/bin/bash
> >> > I thought the empty password field would do the job, but apparently
> >> > not. There is no /etc/shadow file.
> >> 
> >> You probably don't want to do that, as that will give everyone access
> >> to everything on your box.
> > 
> > As far as I know I don't have anything (sshd, ftpd, etc.) installed that
> > allows remote logins.  I'm willing to trust anyone who has access to the
> > console.
> it's not only a question of trusting. it's a question of peaple making
> mistakes under pressure (e.g. chmod -R ... in the wrong place).

Of course, but this is a risk I'm willing to take--especially since this
"box" is actually a UML running on a filesystem that I can rebuild from
scratch using automated scripts in about 5 minutes.  So an accidental
chmod -R (or, for that matter, a rm -rf /) isn't a catastrophe.

> GoodLuck (you'll need it)

Oh well, that's true regardless.

--Bruce Fields
Reply to: