Re: Blocking empty passphrase?

From: Richard E. Silverman (res_at_qoxp.net)
Date: 05/30/05


Date: 30 May 2005 12:29:10 -0400


>>>>> "RL" == Richard Lefebvre <quasiAROBAS(@)videotronPOINT(.)ca> writes:

    RL> I have been looking at the configuration of servers. And one thing
    RL> I noticed is that empty passphrases are not blocked. Empty password,
    RL> yes, but nothing to prevent a user from using a key with an empty
    RL> password. Is there a way to block this for an OpenSSH server or
    RL> SSH2 3.2.9.1?

No, because the concept doesn't make any sense. The server never sees the
client's private key. Even if it did, the key passphrase is an artifact
of how the key is stored on disk, and so has nothing to do with the
protocol.

-- 
  Richard Silverman
  res@qoxp.net
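
The reply's point that the passphrase is a property of how the key is stored on disk can be seen in the key file itself. The following is an added example, not part of the original post: a check that runs where the key file lives (the client), not on the server. It goes beyond the 2005 context by also reading the newer `openssh-key-v1` container; the function names are hypothetical and the sample keys are constructed and contain no real key material.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # start of the decoded new-format OpenSSH private key

def _armor_body(text):
    """Split the lines between BEGIN/END into PEM headers and the base64 body."""
    inner = [l.strip() for l in text.strip().splitlines()]
    inner = [l for l in inner if l and not l.startswith("-----")]
    headers = [l for l in inner if ":" in l]          # e.g. Proc-Type, DEK-Info
    body = "".join(l for l in inner if ":" not in l)  # base64 never contains ':'
    return headers, body

def key_is_encrypted(text):
    """True if the private key file is passphrase-protected, False if stored in the clear."""
    first = text.strip().splitlines()[0]
    headers, body = _armor_body(text)
    if "OPENSSH PRIVATE KEY" in first:
        blob = base64.b64decode(body)
        if not blob.startswith(MAGIC):
            raise ValueError("not an openssh-key-v1 blob")
        off = len(MAGIC)
        (n,) = struct.unpack(">I", blob[off:off + 4])   # length of ciphername string
        return blob[off + 4:off + 4 + n] != b"none"     # "none" means no passphrase
    if "ENCRYPTED PRIVATE KEY" in first:                # PKCS#8 encrypted container
        return True
    # Legacy PEM (RSA/DSA/EC PRIVATE KEY): encryption is flagged in a header line.
    return any(h.startswith("Proc-Type:") and "ENCRYPTED" in h for h in headers)

def _ssh_string(b):
    return struct.pack(">I", len(b)) + b

def make_sample_openssh(cipher):
    """Constructed header-only blob (cipher name and KDF name, no key material)."""
    kdf = b"none" if cipher == b"none" else b"bcrypt"
    b64 = base64.b64encode(MAGIC + _ssh_string(cipher) + _ssh_string(kdf)).decode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 +
            "\n-----END OPENSSH PRIVATE KEY-----\n")

# Constructed legacy-format samples; "AAAA" stands in for the key body.
LEGACY_ENCRYPTED = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                    "DEK-Info: AES-128-CBC,00000000000000000000000000000000\n\n"
                    "AAAA\n-----END RSA PRIVATE KEY-----\n")
LEGACY_PLAIN = "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n"
```

Nothing this function inspects is sent during public-key authentication, which is why no server-side setting can enforce it.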

