[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssh-server's default config is dangerous

> This is different from what you originally said.  By all means discuss this
> general problem with the developers - but please don't single ssh out and
> mess it up for a good many of the rest of us.

I think we're miscommunicating: I specifically don't want to single-out
SSH but instead I want to single out GDM.  And I think this should be
done in PAM.

> But why do you need weak passwords?  I think we may have an x-y problem here,
> and weak passwords may not be the only/optimum solution to the problem you
> are trying to solve by having them.  Weak passwords are a bad idea per se.

Quite likely.  I only pointed out this need of mine as being related to
the OP's request.

Here are some uses of weak passwords in GDM I can remember offhand:
- For accounts of people unable to remember a more complex password.
- For guest accounts.
- For mere convenience (when I'm in front of my desktop at home, it's
  handy not to have to type my full password, under the assumption that
  physical access to the machine means that a strong password wouldn't
  make much difference (as long as the disk isn't encrypted, say)).


        Stefan
Reply to: