Bug#399840: Do we want an ssh-server task?

[Philip Hands <phil@hands.com>]

On Mon, Aug 10, 2009 at 09:57:06AM -0700, Rick Jones wrote:
> In my case, 99 times out of ten it is a case of "Sit at the console and 
> do the install, when it completes walk back to my desk in another 
> building, try to login and realize 'Damn, I didn't get an ssh server 
> installed' and go back to do so."  Good for exercise, not so good for 
> frustration level.  Were I dealing exclusively with Debian installs, 
> perhaps my creaky wetware would become conditioned to "the install isn't 
> complete until you apt-get install openssh-server" but I deal with three 
> other distros and at least two other operating systems where this isn't 
> an issue.

Out of interest, how do those other OSs mitigate the possibility of a
clueless admin choosing "password" as the root password, and so getting
their box rooted within moments of it going on the net?

While having a task that one needs to opt into seems fair enough, I'm a
little concerned that if we lower the bar too much we'll be adding to
the number of badly secured Debian systems out there.

Any suggestions for ways to protect the clueless from themselves?

Perhaps a variation on the Ubuntu approach of enabling sudo for the
first user, and making PermitRootLogin without-password to at least make
the attacker have to guess the username as well as the password.

That could be made a debconf question, so that people that know what
they're doing can say "I really want to be able to log in as root with
a password" (although I'd question why such a person would think that's
a good idea, since they should be using keys, but at least the debconf
question would shut them up ;-) )

Cheers, Phil.