Results 1 to 9 of 9

Thread: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

  1. #1
    Join Date
    Oct 2007
    Location
    Minneapolis, MN
    Beans
    287
    Distro
    Ubuntu 12.04 Precise Pangolin

    Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    I'm wondering if user mythtv is locked out of SSH login by default?

    I looked in the /etc/ssh/sshd_config file and I do NOT see any lines that say "DenyUsers mythtv".

    Either user mythtv can login via SSH, or user mythtv is locked out of SSH login, and it isn't obvious where that restriction is made.

    Curious,
    Eric

  2. #2
    Join Date
    Dec 2013
    Beans
    22

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    User mythtv is a system user and has no password. That should prevent SSH login.

  3. #3
    Join Date
    Oct 2007
    Location
    Minneapolis, MN
    Beans
    287
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    Thanks for that answer.

    In the past (2008-ish), we had to put the "DenyUsers mythtv" into the /etc/ssh/sshd_config file to prevent the mythtv user from SSH logins.

    How is this system user (no login) distinction made, now?
    Is there a particular config file that sets this status?

    Thanks,
    Eric

  4. #4
    Join Date
    Apr 2012
    Beans
    5,972

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    ... something in the back of my mind says that setting no password on an account only disables password-based login, and key-based SSH would still be enabled. Don't quote me on that though.

  5. #5
    Join Date
    Dec 2013
    Beans
    22

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    @steeldriver:
    That's right, but wouldn't that require keys to be created + copied to the client?

  6. #6
    Join Date
    Oct 2007
    Location
    Minneapolis, MN
    Beans
    287
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    Quote Originally Posted by steeldriver View Post
    ... something in the back of my mind says that setting no password on an account only disables password-based login, and key-based SSH would still be enabled. Don't quote me on that though.
    Are you thinking that some config file somewhere has a line that says something like "NoPassword mythtv"?
    Any idea which config file?

    Thanks!

  7. #7
    Join Date
    Nov 2006
    Location
    Oregon
    Beans
    4,401
    Distro
    Ubuntu Development Release

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    Quote Originally Posted by neutron68 View Post
    Are you thinking that some config file somewhere has a line that says something like "NoPassword mythtv"?
    Any idea which config file?

    Thanks!
    No, he's saying that the mythtv user doesn't have a password set, and that accounts that don't have passwords set can't login via SSH.
    *Don't PM me directly for support, open a new thread
    *Looking for a MythTV quick start guide?

  8. #8
    Join Date
    Apr 2012
    Beans
    5,972

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    sorry, just to clarify what I meant was that *if* the mythtv user had set up valid key based SSH authorization (or an admin user had created an inserted the keypair for the account) then just removing the account password would *not* be sufficient to prevent SSH login - it would only prevent password-based SSH login

  9. #9
    Join Date
    Oct 2007
    Location
    Minneapolis, MN
    Beans
    287
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Mythbuntu 12.04 LTS - Is user mythtv locked out of SSH login by default?

    Quote Originally Posted by tgm4883 View Post
    No, he's saying that the mythtv user doesn't have a password set, and that accounts that don't have passwords set can't login via SSH.
    So, as long as making a user (with the newuser command) with no password is not prohibited, its ok to do so?

    Eric
    Last edited by neutron68; January 15th, 2014 at 06:48 AM.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •