Avatar of Balbir Singh
Balbir Singh
Flag for United States of America asked on

How to ssh PAM authentication with any login info?

I am trying to configure that using ssh any use should be able to login to my server, with or without password ( preferable ). I played with nullok which doesn't require a user to enter the password but I have to create a user and let that user have 'empty password' I am wonder if there is any other way so that any with with empty password should be allowed to login.
SSH / Telnet Software

Avatar of undefined
Last Comment
David Favor

8/22/2022 - Mon
serialband

Never use empty passwords.  You should use ssh keys.
skullnobrains

the pam_permit modules allow to let anyone access w/o passwords

that said, i see no reason why anybody in his right mind would want to do that
ASKER CERTIFIED SOLUTION
David Favor

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
skullnobrains

... and note that using ssh keys does not require messy and otherwise dangerous pam configurations
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
David Favor

As skullnobrains suggested, messing around with PAM can cause large time drains + open security holes.

Generally I just prefer disabling PAM + sticking with SSH keys.