Not sure if this affects other versions of *nix, though I am sure it does.
useradd -m -p "password" user
That will not allow a user to login over ssh, you must use
passwd user
if you want your user logging in remotely. I am not sure what the distinction is between the -p argument in useradd and using passwd to assign a password to a user. Anyone know more about this?
This sounds more like a configuration choice for /etc/ssh/sshd_config. Do a man on sshd_config and search for "PermitEmptyPasswords".
ReplyDeleteYou don't want to fudge with the default of "no". Allowing an account to log in without a password is very bad.
There are exceptions to the rules, but you need to read-up and understand how to best secure OpenSSH before making such a change.
Specifying passwords as arguments is a really, really BAD IDEA. Besides you are doing it wrong:
ReplyDeleteman useradd says:
--snip--
-p, --password PASSWORD
The encrypted password, as returned by crypt(3). The default is to disable the password.
Note: This option is not recommended because the password (or encrypted password) will be visible by users listing the processes.
--snap--
So you have to encrypt the passwort first. You can use mkpasswd for this. But PLEASE: Use pipes for supplying the password!
Interesting! I should have paid more attention to the man page...
ReplyDeleteThanks for the info!
useradd -m -p $(openssl passwd "password") user
ReplyDeleteOddly enough, I encountered this issue myself quite recently.
ReplyDeleteYou can use the program "expect" to fill in passwords automatically in plain text for passwd, but it's not nearly as reliable as the other suggestions made here.