Back in the days of Redhat 9 I set up networks using dumb terminals that used telnet to log in to the server. And simply by deleting the 'X' in /etc/passwd for the user, the user could log in with a user name only. This allowed easy operation of the workstations.
Security is not a concern. The Linux server is located at the same premises and is not locked away - so anyone with malicious intent could have full access to the system. However, the users who log in with just their user name get sent, by means of a login script, into the application program and get logged out automatically when they quit the application. The Internet access is only with password protected SSH on a non-standard high port.
In recent years I have been using Ubuntu for the servers and I have not been able to eliminate the requirement for a password. The best I could do was allow a null password, but the user still had to press Enter to submit the null password after entering the user name.
I am now planning to replace the Redhat 9 servers next year to Ubuntu Lucid Lynx and would like to keep the old dumb terminals in operation as before.
Can someone please tell me how the adjust the configuration files in /etc/pam.d so as to emulate the old RH9 telnet behavior while still keeping the Internet access secure?
You need to enable the
nullokoption for the pam_unix module in the auth action. If you're feeling really insecure, you can do it globally (in thecommon-authfile), or else do it for just the service(s) you want to allow it for (probably best to remove the@include common-authfor that service, too).I know security isn't a concern but using SSH with SSH keys can remove the requirement for a password to be entered.
Some creative symlinking of telnet to ssh could carry you across the line?
Just a thought