On Wed, 2005-02-16 at 08:37 -0500, Richard June wrote: > <snip> > > The problem is that I don't see how anyone could login using ssh to > > account with !! in /etc/shadow. I have to suppose that there were > three words, ssh pubkey authentication. This doesn't apply as the attacker would have to have the ssh private key of a public key which would have to be installed in the ~apache/.ssh/authorized_keys what I don't suppose. However I've been mistaken with the /etc/shadow - the real thing is in the /etc/passwd line - if the second field is empty (no 'x' there) that means the password is empty and sshd would allow logging in. -- Tomas Mraz <tmraz@xxxxxxxxxx>
