I have a login that I want to be able to access only via ssh with a
certificate (in ~/.ssh/authorized_keys).
So I have disabled the password ('*') but left a valid shell. Something
like this in /etc/master.passwd:
mylogin:*:1001:1001::0:0:My login:/home/mylogin:/bin/sh
But in this way every day a receive a mail with the following:
Checking the /etc/master.passwd file:
Login mylogin is off but still has a valid shell and alternate access
files in home directory are still readable.
What is the supposed way to define an account without a password but
with a valid shell (to access via ssh with a certificate)?
Thanks.
No comments:
Post a Comment