-
Sébastien Luttringer authored
This will prevent root login with an empty password on a fresh Arch Linux installation. This is only about the default behaviour, you could restore the previous one by running `passwd -d root'. Please note, this is not recommended and behave inconsistenly between applications. We use a trick in the shadow file to set a default password which never allow login by using this password. The special value '*' is used in the shadow file. We don't use '!', '!!', '!*' on purpose. The special '!' char, which should mean password locked (and not account locked) is interpreted by some applications (e.g. sshd) as an account locked and will prevent root login. This change was suggested by Lennart Poettering and Zbigniew Jedrzejewski-Szmek to security@archlinux.org.
Sébastien Luttringer authoredThis will prevent root login with an empty password on a fresh Arch Linux installation. This is only about the default behaviour, you could restore the previous one by running `passwd -d root'. Please note, this is not recommended and behave inconsistenly between applications. We use a trick in the shadow file to set a default password which never allow login by using this password. The special value '*' is used in the shadow file. We don't use '!', '!!', '!*' on purpose. The special '!' char, which should mean password locked (and not account locked) is interpreted by some applications (e.g. sshd) as an account locked and will prevent root login. This change was suggested by Lennart Poettering and Zbigniew Jedrzejewski-Szmek to security@archlinux.org.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.