Re: openssh-server's default config is dangerous
On Tue 12 Jul 2016 at 18:53:29 +0200, mwnx wrote:
> > So, you're blaming a perfectly good (and reasonably secure) way of
> > remote access, but somehow assume that weak passwords are ok.
> > By that logic you should not stop there. Why not blame any remote access
> > mechanism that uses PAM for password checking as well?
>
> There are many kinds of systems on which weak passwords are OK. For
There is no system which justifies having a weak password (whatever
"weak" means). You might like to give an example of an ok weak
password.
> instance, a home PC has no need whatsoever for a strong password. If
Whatever "strong" means this could make sense. On the other hand, it
could be total nonsense.
> someone breaks into my home, they have access to my data anyway; and
Burglars carry Debian Live CDs these days? The ones round here just
kick the door in, load the goods into their cars and fence it
> the password is for local use only. If some malware gets into my
> computer, it can get the root password through keylogging.
I wondered when we would get to malware. You need a new thread for
this. I hope you make a better job of it than the post which started
this discussion.
> Note: this weak password can still be useful to protect my privacy
> from guests.
The cat from next door always looks very intently at me when I am at
the keyboard. Is that normal feline behaviour?
Reply to: