Default user decisions
Marco Amadori wrote:
> Alle Sunday 27 April 2008, Daniel Baumann ha scritto:
>> The only other live system I know remotely, uses username 'ubuntu' and
>> no password.
>> That made me curious what others think. So, what do *you* guys think?
>> Should it be left as is? Or do you have other preferences? How do other
>> live systems do it?
> ssh wise, Ubuntu's choice is more secure, because it disallows ssh logins if
> the local console user did not provide a new password.
> I think that using a NULL password like ubuntu do and providing both an
> interactive way to change it and a boot parameter could be the way I would
> like to have the user password managed.
> That way we could have a more secure default image approach, a secure personal
> use approach and the ability to set a password easely at build time.
I have to agree with this. I really like the Ubuntu approach to
securing the root/default users, and I'd like to put my support behind
making this behavior the preferred method.