[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is "preseeding the root password with a MD5 hash" an interesting feature for d-i?

Quoting James Davis (jamesd@jml.net):
> Christian Perrier wrote:
> 
> > Are you all people meaning that the root account should be locked when
> > its password has been preseeded?
> 
> No, that SSH be initially configured to only allow public key
> authentication and not password based authentication and that supplied
> public keys get placed appropriately in ~/.ssh/ .


Hmm, this probably means changes to several things:

-the ssh package to accept preseeding of the debconf settings which
sets the server package to accept only key authentication

-preseed, or shadow, tp preseed this when the root account is
de-activated (or locked)

-preseed again to fetch the credential files from the preseed source
(floppy, web, whatever...)
Reply to: