Date: Mon, 19 Sep 2005 14:31:04 +0100 From: Gavin Atkinson <gavin.atkinson@ury.york.ac.uk> To: Giorgos Keramidas <keramida@ceid.upatras.gr> Cc: cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.or Subject: Re: cvs commit: src/share/man/man5 passwd.5 Message-ID: <1127136664.25814.11.camel@buffy.york.ac.uk> In-Reply-To: <20050918203109.GA1419@flame.pc> References: <200509181540.j8IFe2LR042274@repoman.freebsd.org> <20050918200104.F89636@ury.york.ac.uk> <20050918203109.GA1419@flame.pc>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 2005-09-18 at 23:31 +0300, Giorgos Keramidas wrote: > On 2005-09-18 20:16, Gavin Atkinson <gavin.atkinson@ury.york.ac.uk> wrote: > > On Sun, 18 Sep 2005, Giorgos Keramidas wrote: > > > Modified files: > > > share/man/man5 passwd.5 > > > Log: > > > Explain the use of `*' in master.passwd and that it's slightly > > > different from the use of `*' in /etc/passwd. > > > > +.Nm master.passwd > > +file, a password of > > +.Ql * > > +is used to indicate that no one can ever log into that account. > > +The field only contains encrypted passwords, and > > +.Ql * > > +can never be the result of encrypting a password. > > > > This is not strictly true - all it prevents is logins using passwords. > > Passwordless logins using SSH public keys (for example) are unaffected. > > > > Perhaps the attached patch chould be committed? > > Yeah, I've been talking with simon@ about this. I was preparing to > commit something similar, see below: > > % Index: passwd.5 > % =================================================================== > % RCS file: /home/ncvs/src/share/man/man5/passwd.5,v > % retrieving revision 1.45 > % diff -u -r1.45 passwd.5 > % --- passwd.5 18 Sep 2005 15:40:02 -0000 1.45 > % +++ passwd.5 18 Sep 2005 20:30:21 -0000 > % @@ -110,7 +110,11 @@ > % .Nm master.passwd > % file, a password of > % .Ql * > % -is used to indicate that no one can ever log into that account. > % +is used to indicate that no one can ever log into that account > % +using password authentication (logins through other forms of > % +authentication, i.e.\& using > % +.Xr ssh 1 > % +keys, will still work). > % The field only contains encrypted passwords, and > % .Ql * > % can never be the result of encrypting a password. I think that would be perfect. Gavin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1127136664.25814.11.camel>