Remco wrote:
> Tobias Ulmer wrote:
>
>> Adding a user with a locked password is a deliberate action.
>> Set the password to "*************" to stop security(8) from
>> complaining about the new user.
>>
>
> I suppose this is about the "Set the password so that user cannot logon?
> (y/n)
> [n]:" question. AFAICT there are (at least) three options here:
> - create a user with a password
> - create a locked out user without a password
> - create a user without a password having some alternative means of access
> (e.g. Kerberos)
> Doesn't it make more sense to make this questions a multiple choice,
> having three options to cater for the aforementioned scenarios ?
BTW, the following appears inconsistent to me:
Users without password added by adduser end up having a one * password field:
e.g.: test1:*:1002:1002:t:/home/test1:/bin/ks
When using useradd the result is the 13 * treatment:
e.g.: test:*************:1001:10::/home/test:/bin/ksh
This appears to result in users installed by the base system having a one *
password, while users installed by packages end up having a 13 * password.
I'm not sure this this is deliberate.
P.S., I'm using:
OpenBSD 5.2 (GENERIC.MP) #368: Wed Aug 1 10:04:49 MDT 2012
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
