hardening: reject authentication with empty passwd (!759) · Merge requests · Arch Linux / infrastructure · GitLab

Snippets Groups Projects

Due to an influx of spam, we have had to temporarily disable account registrations. Please write an email to accountsupport@archlinux.org, with your desired username, if you want to get access. Sorry for the inconvenience.

Merged Evangelos Foutras requested to merge pam-unix-reject-empty-passwords into master 1 year ago

SSH defaults to disallowing empty passwords but Dovecot has no similar safeguard (at least not one enabled by default). Remove "nullok" from /etc/pam.d/system-auth to implement the desired behavior system-wide.

Activity

Evangelos Foutras @foutrelis · 1 year ago

Author Developer

Applied to hcloud servers; will wait a couple of weeks to see if it has any unintended side-effect before merging and applying to the rest of the servers.
Evangelos Foutras added 7 commits 1 year ago
added 7 commits

7860af64...d4803179 - 6 commits from branch master

6b5a5eea - hardening: reject authentication with empty passwd

Compare with previous version
Evangelos Foutras marked this merge request as ready 1 year ago

marked this merge request as ready
Evangelos Foutras mentioned in commit 4124c3c1 1 year ago

mentioned in commit 4124c3c1
Evangelos Foutras merged 1 year ago

merged

Please register or sign in to reply