[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Default user decisions



Marco Amadori wrote:
> Alle Sunday 27 April 2008, Daniel Baumann ha scritto:
> 
>> The only other live system I know remotely, uses username 'ubuntu' and
>> no password.
> 
>> That made me curious what others think. So, what do *you* guys think?
>> Should it be left as is? Or do you have other preferences? How do other
>> live systems do it?
> 
> ssh wise, Ubuntu's choice is more secure, because it disallows ssh logins if 
> the local console user did not provide a new password.
> 
> I think that using a NULL password like ubuntu do and providing both an 
> interactive way to change it and a boot parameter could be the way I would 
> like to have the user password managed.
> 
> That way we could have a more secure default image approach, a secure personal 
> use approach and the ability to set a password easely at build time.

I have to agree with this.  I really like the Ubuntu approach to 
securing the root/default users, and I'd like to put my support behind 
making this behavior the preferred method.

-- 
John Reese
LeetCode.net



Reply to: