diff options
-rw-r--r-- | vps-builder.scm | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/vps-builder.scm b/vps-builder.scm index df63fec..845213c 100644 --- a/vps-builder.scm +++ b/vps-builder.scm @@ -254,7 +254,12 @@ (cs-groups (cadr user+cs-groups)) (~ (make-pathname `("/" "home") user)) (~/.ssh (make-pathname ~ ".ssh"))) - (run* (chroot ,root-dir useradd -m -G ,cs-groups ,user)) + ;; Use -p to set empty *crypted* password. This ensures the + ;; user has no password (which differs from having an empty one!) + ;; and can choose to set a password. If we didn't supply -p, the + ;; password would be *locked*, which means "passwd" will prompt + ;; for a password, but there's none, so it can't be changed. + (run* (chroot ,root-dir useradd -p "" -m -G ,cs-groups ,user)) (install-directory root-dir ~/.ssh user user #o700) (install-file root-dir pubkey (make-pathname ~/.ssh "authorized_keys") |