Default user decisions

Subject: Default user decisions
From: jreese at leetcode.net (John Reese)
Date: Thu, 01 May 2008 09:48:45 -0400
Message-id: <[🔎] 4819CA3D.5040802@leetcode.net>
In-reply-to: <200805010016.01769.marco.amadori@gmail.com>
References: <481442B2.6020605@debian.org> <200805010016.01769.marco.amadori@gmail.com>

Marco Amadori wrote:
> Alle Sunday 27 April 2008, Daniel Baumann ha scritto:
> 
>> The only other live system I know remotely, uses username 'ubuntu' and
>> no password.
> 
>> That made me curious what others think. So, what do *you* guys think?
>> Should it be left as is? Or do you have other preferences? How do other
>> live systems do it?
> 
> ssh wise, Ubuntu's choice is more secure, because it disallows ssh logins if 
> the local console user did not provide a new password.
> 
> I think that using a NULL password like ubuntu do and providing both an 
> interactive way to change it and a boot parameter could be the way I would 
> like to have the user password managed.
> 
> That way we could have a more secure default image approach, a secure personal 
> use approach and the ability to set a password easely at build time.

I have to agree with this.  I really like the Ubuntu approach to 
securing the root/default users, and I'd like to put my support behind 
making this behavior the preferred method.

-- 
John Reese
LeetCode.net

Reply to:

Follow-Ups:
- Default user decisions
  - From: tzafrir.cohen at xorcom.com (Tzafrir Cohen)

Prev by Date: Bug#478746: live-magic: ISO is created instead of USB image
Next by Date: Default user decisions
Previous by thread: Bug#478746: live-magic: ISO is created instead of USB image
Next by thread: Default user decisions
Index(es):
- Date
- Thread