[sudo-users] When having multiple simultanious SSH connections, only the first two can `sudo`
Todd C. Miller
Todd.Miller at sudo.ws
Wed Dec 13 15:34:18 MST 2017
On Wed, 13 Dec 2017 19:38:38 +0100, Manuel Wagesreither wrote:
> Why is that? I thought a empty password in /etc/passwd meant "don't
> ask for a password" or "accept an empty string as password". What
> would need to be entered if this prompt showed up?
An empty password in /etc/shadow (or /etc/passwd on systems with
no /etc/shadow file) should mean "accept an empty string as password".
I just tested sudo on Ubuntu with passwd authentication (not PAM)
and that is how it behaves. Note that if /etc/shadow exists, sudo
will use the encrypted password in it, regardless of the value of
the password field in /etc/passwd.
Some programs don't prompt for a password at all if the password
field is empty but sudo doesn't behave that way.
More information about the sudo-users