Re: openssh-server's default config is dangerous

[Lisi Reisz <lisi.reisz@gmail.com>]

On Tuesday 12 July 2016 14:53:41 Stefan Monnier wrote:
> The original use case
> was to provide an account to my daughter who was not (yet) able to
> remember a strong password.  She wasn't going to use a console
> login either.

So a corner - and hopefully transitory ;-) - case.  Set your system to use 
key-pairs.  (Is that what you are advocating that the rest of us should have 
imposed???)  Then change it back when your daughter is old enough to use a 
strong password - if age is the problem.  People do after all outgrow being 
too young.  My being too old can only get worse. ;-)

Lisi