Hi all,
is it allowed to give the user "user" a defined password or will this lead to issues?
Background: I am using ssh-server for file transfert and it would be nice to have the right permission instantly. Using root over ssh will cause problems if the user is goning to access them.

thanks
Erdie

Never seen any issues.

Just use ssh key for login.

Enter password twice for verification against typos.

Irrelevant to question - it doesn't allow to connect remotely to user, if '*' is set instead of password, or '!'.

Anyway, using '!' seems to allow connecting through ssh *without* password set for user. Yet, I haven't seen or heard about any issues, when real password is set. So, I think it answers OP question

/Estel

Allowed? Yes. Recommended? No (IMHO).

Adding a password to the user account increases the chance of your device being exploited by someone guessing or brute forcing the password, though how seriously you should take this potential threat is hard to determine without knowing your precise circumstances.

The best and most secure option is to unlock the user account ("passwd -u user" as root), leave the user account without a password (not a blank password, but no password) and then use only public/private keys for authentication when logging in as user.

Since PR1.1, using ssh to login as root is no longer permitted, either with a password or public/private keys.

Although I generally agree with Your post, this statement is plain wrong. I'm doing it everyday (PR1.3, now 1.3.1 and CSSU-T) - using public/private key, but password based login as root also worked.

/Estel

I should have mentioned I am referring to MeeGo-Harmattan (N9[50]) in which case my statement is entirely correct. In terms of Maemo5/N900 however, you are correct there has never been any such root login restrictions. Perhaps the OP will enlighten us as to which system they are actually using.

Thanks for your answers!