Let me just preface this whole article by saying this is probably a bad idea (especially if the account you want to be password-free login is rooted). Yes, it is annoying to have to type the root password every time you use
su -, but unless you are 100% sure you’ve taken the appropriate safety measures (the bare minimum of which are discussed below), you shouldn’t even consider doing this.
Why do This?
There are several reasons why you might want to be able to log into a user without supplying a password. You might want a communally accessible account with limited permissions as some kind of guest account perhaps. But the most common reason, at least in my experience, is that you can’t be bothered to type a password every time you switch accounts.
If laziness is the case, there are better options. There are more secure ways of automating password entry that you should consider first. But if you’ intent on doing this, read on…
Bare Minimum Security Measures
- Make sure physical access to the machine is not possible except by you.
- Require exclusively pub-key authentication for SSH. Disable password logins completely (in /etc/ssh/sshd_config).
- Make sure the passwordless account either can’t do much, or don’t let any other users on the machine.
Still Want to Do it?
Don’t say I didn’t warn you. You’ll have to do the following (all from a root account):
chmod 777 /etc/shadow
- Find the user you want to free from the bondage of a password:
- Delete everything between the first 2 colons:
chmod 400 /etc/shadow