Quoting Frans Pop (elendil@planet.nl): > On Thursday 13 August 2009, Philip Hands wrote: > > Any suggestions for ways to protect the clueless from themselves? > > Password strength checking probably. > > There are open wishlist BRs against user-setup for that, but AFAIK so far > nobody has made the effort to implement all the required changes. On the other hand, I wonder about the default settings of openssh-server, that (IIRC, I have no reference handy right now) allows remote root login with a password. I guess this has already been pondered by Colin, but it would be interesting to have the rationale for this.
Attachment:
signature.asc
Description: Digital signature