DragonFly kernel List (threaded) for 2004-07
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: ideas 2

From:	David Rhodus <sdrhodus@xxxxxxxxx>
Date:	Wed, 28 Jul 2004 14:35:19 -0400

>     I've considered changing the PermitRootLogin to 'without-password'
>     by default.  For the CD boot we could safely set it to 'yes' by
>     default, because sshd will not accept an empty password... then a
>     person would only need to set a password on the root account and they
>     could login via sshd.
> 
>                                         -Matt

I would worry about having the 'without-password' turned on by
default, even for the CD because of the possibility of bug getting
into the release building process which could lead to the sshd_config
being copied over to the H/D. I don't think I would be as adverse to
having a small piece of the install program loaded at boot-time and
going into a polling mode which you could remotely attach and perform
a remote install. This would again still need to be limited to the
local subnet but wouldn't directly give out a root prompt. I can still
think of several scenarios were this could be abused, but at least the
person would be limited some-what to the options provided by the
install program.

-- 
                                            -David
                                            Steven David Rhodus
                                            <sdrhodus@xxxxxxxxx>

Follow-Ups:
- Re: ideas 2
  - From: Matthew Dillon

References:
- ideas 2
  - From: Ed
- Re: ideas 2
  - From: Simon 'corecode' Schubert
- Re: ideas 2
  - From: Matthew Dillon
- Re: ideas 2
  - From: David Rhodus
- Re: ideas 2
  - From: Matthew Dillon

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]