OpenBSD's code has
int
auth_password(Authctxt *authctxt, const char *password)
{
struct passwd * pw = authctxt->pw;
/* deny if no user. */
if (pw == NULL)
return 0;
if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
return 0;
if (*password == '\0' && options.permit_empty_passwd == 0)
return 0;
...
and this is intentional
On Thu, Jan 30, 2003 at 12:06:22AM +1100, Darren Tucker
wrote:> Hi All,
> While testing another patch, I found that I could not longer log in as
> root, even if PermitRootLogin was yes. It seems to be the following
> code in auth_password:
>
> $ cvs diff -r1.48 -r1.49 auth-passwd.c
> [snip]
> #ifndef HAVE_CYGWIN
> - if (pw->pw_uid == 0 && options.permit_root_login !=
PERMIT_YES)
> + if (pw->pw_uid == 0 && options.permit_root_login !>
PERMIT_NO_PASSWD)
> return 0;
> #endif
> [snip]
>
> Was this intentional?
>
> -Daz.
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev