DragonFly commits List (threaded) for 2010-04
Re: git: SSHD - Change default security
On 15 November 2009 16:37, Matthew Dillon <email@example.com> wrote:
> I think this is our chance to get people to think more seriously
> about security in a world where plain-text password access has been
> under serious attack for the last 20 years now, and getting more
> serious every day. Passwords for shell access (via ssh) are dead in
> the modern world, It is just too dangerous in my view.
> This doesn't affect workstation or console logins or su, only incoming
> ssh connections. And this only affects new installs, not upgrades.
> If a user installing a new system wants to use a password for incoming
> ssh access they have to enable it for ssh in /etc/ssh/sshd_config...
> that really is not any more complicated then users who wanted to enable
> incoming root access via ssh and also had to (previously) edit
> /etc/ssh/sshd_config. Now both cases are uniform. Sshd by default
> allows you to use public keys but not passwords on new installs.
But sshd is disabled by default in the first place, so now the new
users, never familiar with DragonFly, would have not only to manually
enable sshd and the root login, but also change the
PasswordAuthentication setting, something that would appear to be
quite specific to DragonFly, since few other default installs come
with this setting at 'no'.
Considering the benefits vs. the pitfalls, is this really making the
system any more secure? If the user has bothered to create a non-root
account and enable sshd, then it would not seem to appear very likely
that they'd be using a really non-unique user name together with a
really weak password.
I think the PasswordAuthentication settings should be changed back to
the default value of 'yes' as it is in the upstream OpenSSH and