Default user decisions
Hello all,
Personally, I have done the null passwords modification in my own version of
live-initramfs. It is useful for users that have the computer in his house
or they carry their own laptop, then the security is physical, because is
protected the place where the computer is, or the access to the machine is
not possible.
Also it is complemented with a firewall that does not permit the remote access
to the services via the network, and configuring OpenSSH or OpenVPN to work
with identification keys and communications encryption, therefore disable
working with passwords.
Regards,
Jordi
El Sunday 27 April 2008 11:38:10 Tzafrir Cohen va escriure:
> On Sun, Apr 27, 2008 at 11:09:06AM +0200, Daniel Baumann wrote:
> > Hi,
> >
> > some days ago, somone on irc asked about thoughs of having, by default,
> > no password for the live user.
> >
> > Currently, we have the username 'user' with password 'live', which I
> > *personally* consider to be a reasonable choice.
> >
> > The only other live system I know remotely, uses username 'ubuntu' and
> > no password.
> >
> > That made me curious what others think. So, what do *you* guys think?
> > Should it be left as is? Or do you have other preferences? How do other
> > live systems do it?
>
> Password should not be required for that user in {g|k}dm (e.g: in case
> there is a need to logout and re-login). But disabling password
> elsewhere is probably not a good idea.
>
> The console login uses the "login" program which may be used by some
> other programs for remote login. There are telnet ans rsh/rlogin that
> nobody really uses (right?)
>
> Various other optional packages (e.g: openssh-server) will allow remote
> login. I suppose it is a bad idea to make it password-less.
Reply to: