Re: Review for "PermitRootLogin without-password" change

To: debian-ssh@lists.debian.org
Subject: Re: Review for "PermitRootLogin without-password" change
From: James Cloos <cloos@jhcloos.com>
Date: Thu, 20 Mar 2014 20:32:56 -0400
Message-id: <[🔎] m3k3bol7am.fsf@carbon.jhcloos.org>
In-reply-to: <[🔎] 20140320014833.GC32733@riva.ucam.org> (Colin Watson's message of "Thu, 20 Mar 2014 01:48:33 +0000")
References: <[🔎] 20140320014833.GC32733@riva.ucam.org>

I am in favour of the change fo new installs, and of asking to do it on
upgrades.

But please be sure to announce the change widely.

It is *very* common in the vps world for new virtuals to come with the
expectation that the users must login the first time as root with a
password.

The companies doing that will need to know that they either have to
start asking for an ssh public key when a customer purchases a new vps
or change their template to bypass debian's new default.

(I presume most of us will prefer the former, but I'm not holding my breath.)

-JimC
--
James Cloos <cloos@jhcloos.com>         OpenPGP: 1024D/ED7DAEA6

Reply to:

Follow-Ups:
- Re: Review for "PermitRootLogin without-password" change
  - From: Colin Watson <cjwatson@debian.org>

References:
- Review for "PermitRootLogin without-password" change
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Re: Review for "PermitRootLogin without-password" change
Next by Date: Re: Review for "PermitRootLogin without-password" change
Previous by thread: Re: Review for "PermitRootLogin without-password" change
Next by thread: Re: Review for "PermitRootLogin without-password" change
Index(es):
- Date
- Thread