summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--vps-builder.scm7
1 files changed, 6 insertions, 1 deletions
diff --git a/vps-builder.scm b/vps-builder.scm
index df63fec..845213c 100644
--- a/vps-builder.scm
+++ b/vps-builder.scm
@@ -254,7 +254,12 @@
(cs-groups (cadr user+cs-groups))
(~ (make-pathname `("/" "home") user))
(~/.ssh (make-pathname ~ ".ssh")))
- (run* (chroot ,root-dir useradd -m -G ,cs-groups ,user))
+ ;; Use -p to set empty *crypted* password. This ensures the
+ ;; user has no password (which differs from having an empty one!)
+ ;; and can choose to set a password. If we didn't supply -p, the
+ ;; password would be *locked*, which means "passwd" will prompt
+ ;; for a password, but there's none, so it can't be changed.
+ (run* (chroot ,root-dir useradd -p "" -m -G ,cs-groups ,user))
(install-directory root-dir ~/.ssh user user #o700)
(install-file root-dir pubkey
(make-pathname ~/.ssh "authorized_keys")