cvs commit: src/share/man/man5 passwd.5

Giorgos Keramidas keramida at ceid.upatras.gr
Sun Sep 18 13:31:28 PDT 2005 

On 2005-09-18 20:16, Gavin Atkinson <gavin.atkinson at ury.york.ac.uk> wrote:
> On Sun, 18 Sep 2005, Giorgos Keramidas wrote:
> > Modified files:
> >   share/man/man5       passwd.5
> > Log:
> > Explain the use of `*' in master.passwd and that it's slightly
> > different from the use of `*' in /etc/passwd.
>
> +.Nm master.passwd
> +file, a password of
> +.Ql *
> +is used to indicate that no one can ever log into that account.
> +The field only contains encrypted passwords, and
> +.Ql *
> +can never be the result of encrypting a password.
>
> This is not strictly true - all it prevents is logins using passwords.
> Passwordless logins using SSH public keys (for example) are unaffected.
>
> Perhaps the attached patch chould be committed?

Yeah, I've been talking with simon@ about this.  I was preparing to
commit something similar, see below:

> --- passwd.5.old	Sun Sep 18 16:40:02 2005
> +++ passwd.5	Sun Sep 18 20:15:16 2005
> @@ -110,7 +110,9 @@
>  .Nm master.passwd
>  file, a password of
>  .Ql *
> -is used to indicate that no one can ever log into that account.
> +is used to indicate that no one can ever log into that account
> +using passwords.
> +Passwordless logins will not be prevented.
>  The field only contains encrypted passwords, and
>  .Ql *
>  can never be the result of encrypting a password.

Would this be ok?

% Index: passwd.5
% ===================================================================
% RCS file: /home/ncvs/src/share/man/man5/passwd.5,v
% retrieving revision 1.45
% diff -u -r1.45 passwd.5
% --- passwd.5     18 Sep 2005 15:40:02 -0000      1.45
% +++ passwd.5     18 Sep 2005 20:30:21 -0000
% @@ -110,7 +110,11 @@
%  .Nm master.passwd
%  file, a password of
%  .Ql *
% -is used to indicate that no one can ever log into that account.
% +is used to indicate that no one can ever log into that account
% +using password authentication (logins through other forms of
% +authentication, i.e.\& using
% +.Xr ssh 1
% +keys, will still work).
%  The field only contains encrypted passwords, and
%  .Ql *
%  can never be the result of encrypting a password.

More information about the cvs-src mailing list