Autor: Adam Borowski Data: A: dng Assumpte: Re: [DNG] minor packaging quibbles in devuan cli
On Wed, Mar 23, 2016 at 11:44:30AM +1300, Daniel Reurich wrote: > On 23/03/16 11:35, Adam Borowski wrote:
> > I hope you know that, since jessie, password remote logins for root are
> > disabled unless you enable them yourself.
> >
> I think this is problematic and should be prompted for during the
> install - like I'm pretty sure it was during the install of wheezy...
>
> Seen we're already rebuilding openssh I'll look into it if someone will
> do me a favour and create an issue against that project in git.devuan.org
Uhm, why? That's a reasonable default.
If someone wants that badly to enable remote passwords for root, they can
edit /etc/ssh/sshd_config, same as for any dubious security practice. In
the meantime, the rest of us either log as an user first or use keypairs.
And as so many people use weak passwords, disabling this avenue of attack by
default is important.