Try installing the 'libshadow-ruby' using the package provider as (someone mentioned earlier) instead of gem_package.
Setting the password to '*' isn't working because Chef can't find your shadow ruby library. Lock doesn't use this library so it makes sense that it works.
I meant to underscore that someone could still login to the root account over ssh using other authentication methods, most commonly key based authentication.
Bryan
On May 3, 2011 7:13 PM, "Jason J. W. Williams" < "> > wrote:> Are you install Chef from gems or debs?
Debs.
Setting the password attribute to "*" is what appears to trigger the
> I suppose you could set the password to "*" using the password
> attribute. Since we're normally ...
issue. Locking the account works fine though.
Root login is also disabled in sshd_config. The goal is to prevent
> Please keep in mind that neither of these options prevent login to an
> account on Linux, they o...
login with a password to the root account. If a privileged user
becomes root that's acceptable. Just getting rid of direct
password-based login to the account.
Thank you for your help.
-J
Archive powered by MHonArc 2.6.16.