Fedora 32 Might Disallow Empty Passwords For Local Users By Default

Written by Michael Larabel in Fedora on 26 November 2019 at 11:36 AM EST. 41 Comments
FEDORA
Currently Fedora Linux supports empty passwords for local users by default but that could change with next year's Fedora 32 release.

Fedora's PAM module currently enables the "nullok" parameter to allow for null/empty passwords for users. Though a password is obviously required for root and the OpenSSH server configuration doesn't allow empty passwords. But with Fedora 32 there is a proposal to no longer allow empty passwords by default for local users.

This is being done in the name of security hardening of the systems, but not everyone is buying into this reasoning. Some current Fedora bits around the Live images may run into issues among other tooling problems plus some users preferring empty passwords when it comes to throw-away VMs, routinely touched test systems not in production, and other use-cases where local security isn't a concern.

The proposal can be found on their wiki along with the various actions that would need to be taken with changing the default behavior. However, on the Fedora mailing list there are a number of individuals so far dissenting from this plan due to the minimal hardening improvement but interrupting possible existing workflows.

We'll see what the Fedora Engineering and Steering Committee has to say about this idea for F32 in the weeks ahead.
41 Comments
Related News
Btrfs SIG Established For Advancing Btrfs Interests On Fedora
Fedora COSMIC Desktop Spin Proposed For Fedora 42
Fedora 42 Looking To Package Intel SGX Software Stack
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
Fedora Stakeholders Debate Concerns Over "Karma" Term For Their Updates System
Fedora KDE Desktop Spin Promoted To Same Tier As GNOME-Based Fedora Workstation
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries