[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: changes to default password strength checks in pam_unix

04-09-2007, Adam D. Barratt:

> On Tue, 2007-09-04 at 07:53 +0000, Oleg Verych wrote:
> [...]
>> What about having more secure Debian's sshd_config by default?
>> "
>> PermitRootLogin no
> You'll have to convince the openssh package maintainers first - see
> #105571, #298138 and #431627 for their opinions on whether that change
> is "more secure".

Thanks for references!

But in public i want to say following.

While making new installation all i care is rebooting to working
operating system.

I.e *i don't care* about entering passwords on middle ground, without
knowing, WTF this installer may do with them, not having comfortable
environment for that _important_ action.

Thus i have silly, empty passwords after installation. Then, i get my
imagination and compose really super-druper passwords for root and users
(that i create myself by script with, IDs i want/have on filesystems, not
by installation process).

Having ssh defaults is just debian's asking -- here i'm, take me, wise

 #oo'L O
<___=E M

Reply to: