[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is "preseeding the root password with a MD5 hash" an interesting feature for d-i?

Christian Perrier wrote:

> Are you all people meaning that the root account should be locked when
> its password has been preseeded?

No, that SSH be initially configured to only allow public key
authentication and not password based authentication and that supplied
public keys get placed appropriately in ~/.ssh/ .

That way authentication credentials can be placed safely in the preseed
configuration. Users could then log in through SSH after a remote
unattended install and change the root and user passwords before
enabling password based authentication again.



Reply to: