URL: https://lwn.net/Articles/631885/

Re: About sshd(8) remote root login feature & Anaconda UI support

[Posted February 4, 2015 by jake]
From: "Brian C. Lane" <bcl-AT-redhat.com>
To: anaconda-devel-list-AT-redhat.com
Subject: Re: About sshd(8) remote root login feature & Anaconda UI support
Date: Thu, 15 Jan 2015 12:08:35 -0800
Message-ID: <20150115200835.GA5535@lister.brianlane.com>

On Thu, Jan 15, 2015 at 05:27:13PM +0000, P J P wrote:

That's certainly possible if they're using vnc to set up the system and
reboot before setting up keys manually. Most providers also offer
console access to systems these days, but it is certainly possible to
end with only ssh access to the box.


I don't like the idea of switching options in the background based on
what combination of users, checkboxes, etc. have been set. That's going
to end up confusing people or leaving the setup in an unexpected state.

Switching root to key only really doesn't help much. All that does is
move the attack to the user account (assuming they are in wheel).
Disabling password login for all accounts is what would make it secure.

But the problem with that is that there is no good way to get the
authorized key onto the system if they do need to log in via ssh. You can
now do this in kickstart using the new sshkey command.

A possible alternative is:

1. Stronger root password. We really should switch from a minimum length
of 6 to 8 anyway.

2. Don't allow weak root passwords at all. Remove the double done click
to bypass it. This will annoy me while installing vms repeatedly, but it
is an improvement while still allowing remote access.

3. And maybe drop root login completely and move to user+strong pw+wheel

This would increase security, a bit, and still let users connect to a
fresh system without console access.

-- 
Brian C. Lane | Anaconda Team | IRC: bcl #anaconda | Port Orchard, WA (PST8PDT)
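
The message's point that key-only root still leaves wheel users open to password guessing can be checked against an sshd_config. The following is an added example, not part of the original message or of Anaconda: it reads only the global section (stops at the first `Match`), and the `DEFAULTS` table, the function names and the three sample configurations are assumptions constructed for illustration.

```python
# Added example: classify which accounts remain exposed to ssh password guessing.
# Assumption: unset keywords fall back to DEFAULTS; Match blocks are not evaluated.
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
}
# Older configs use this name for keyboard-interactive (PAM password prompts).
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def effective_settings(config_text):
    """Return effective values; sshd keeps the first value seen per keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()
        if not parts:
            continue
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":
            break                       # global section ends here
        key = ALIASES.get(key, key)
        if key in DEFAULTS and len(parts) > 1 and key not in seen:
            seen[key] = parts[1].lower()
    return {**DEFAULTS, **seen}


def password_exposure(config_text):
    """Return 'root and users', 'users only' or 'none'."""
    s = effective_settings(config_text)
    passwords_on = "yes" in (s["passwordauthentication"],
                             s["kbdinteractiveauthentication"])
    if not passwords_on:
        return "none"
    # Only 'yes' lets root authenticate with a password.
    return "root and users" if s["permitrootlogin"] == "yes" else "users only"


# Constructed sample configurations for the three postures in the message.
ROOT_PASSWORD = "PermitRootLogin yes\nPasswordAuthentication yes\n"
ROOT_KEY_ONLY = "PermitRootLogin without-password\nPasswordAuthentication yes\n"
KEYS_ONLY = ("PermitRootLogin without-password\nPasswordAuthentication no\n"
             "ChallengeResponseAuthentication no\n")

if __name__ == "__main__":
    for name in ("ROOT_PASSWORD", "ROOT_KEY_ONLY", "KEYS_ONLY"):
        print(name, "->", password_exposure(globals()[name]))
```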