security.pam.services.<name>.allowNullPassword
Whether to allow logging into accounts that have no password
set (i.e., have an empty password field in
/etc/passwd or
/etc/group). This does not enable
logging into disabled accounts (i.e., that have the password
field set to !). Note that regardless of
what the pam_unix documentation says, accounts with hashed
empty passwords are always allowed to log in.
- Type
boolean- Default
false- Declared
- <nixpkgs/nixos/modules/security/pam.nix>