Mercurial > dropbear
comparison options.h @ 628:d40f3cc47aed
- Add ALLOW_BLANK_PASSWORD option
- Don't reject blank-password logins via public key
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 26 Oct 2011 15:49:47 +0000 |
| parents | e4991659fc10 |
| children | 2b1bb792cd4d 349fb2dda2dd |
comparison
equal
deleted
inserted
replaced
| 627:7cc34a52feb8 | 628:d40f3cc47aed |
|---|---|
| 156 #endif | 156 #endif |
| 157 | 157 |
| 158 /* Authentication Types - at least one required. | 158 /* Authentication Types - at least one required. |
| 159 RFC Draft requires pubkey auth, and recommends password */ | 159 RFC Draft requires pubkey auth, and recommends password */ |
| 160 | 160 |
| 161 /* Note: PAM auth is quite simple, and only works for PAM modules which just do | 161 /* Note: PAM auth is quite simple and only works for PAM modules which just do |
| 162 * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). | 162 * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). |
| 163 * It's useful for systems like OS X where standard password crypts don't work, | 163 * It's useful for systems like OS X where standard password crypts don't work |
| 164 * but there's an interface via a PAM module - don't bother using it otherwise. | 164 * but there's an interface via a PAM module. It won't work for more complex |
| 165 * PAM challenge/response. | |
| 165 * You can't enable both PASSWORD and PAM. */ | 166 * You can't enable both PASSWORD and PAM. */ |
| 166 | 167 |
| 167 #define ENABLE_SVR_PASSWORD_AUTH | 168 #define ENABLE_SVR_PASSWORD_AUTH |
| 168 /* PAM requires ./configure --enable-pam */ | 169 /* PAM requires ./configure --enable-pam */ |
| 169 /*#define ENABLE_SVR_PAM_AUTH*/ | 170 /*#define ENABLE_SVR_PAM_AUTH*/ |
| 172 /* Whether to take public key options in | 173 /* Whether to take public key options in |
| 173 * authorized_keys file into account */ | 174 * authorized_keys file into account */ |
| 174 #ifdef ENABLE_SVR_PUBKEY_AUTH | 175 #ifdef ENABLE_SVR_PUBKEY_AUTH |
| 175 #define ENABLE_SVR_PUBKEY_OPTIONS | 176 #define ENABLE_SVR_PUBKEY_OPTIONS |
| 176 #endif | 177 #endif |
| 178 | |
| 179 /* Define this to allow logging in to accounts that have no password specified. | |
| 180 * Public key logins are allowed for blank-password accounts regardless of this | |
| 181 * setting. PAM is not affected by this setting, it uses the normal pam.d | |
| 182 * settings ('nullok' option) */ | |
| 183 /* #define ALLOW_BLANK_PASSWORD */ | |
| 177 | 184 |
| 178 #define ENABLE_CLI_PASSWORD_AUTH | 185 #define ENABLE_CLI_PASSWORD_AUTH |
| 179 #define ENABLE_CLI_PUBKEY_AUTH | 186 #define ENABLE_CLI_PUBKEY_AUTH |
| 180 #define ENABLE_CLI_INTERACT_AUTH | 187 #define ENABLE_CLI_INTERACT_AUTH |
| 181 | 188 |