On 5/17/19 5:23 AM, Stephen Gallagher wrote:
...snip...
3) Force Anaconda to require the creation of a non-root user that is
a
member of the `wheel` group, so that this user can be used to SSH in
and administer the system. Essentially, remove the root user creation
spoke as an option from the interactive install.
So, this is basically the old cloud-init makes a user that can sudo to
root thing. Can anyone explain in small words how this is more secure?
I mean, in this case the attacker would need to guess the username in
addition to the password (where in the cloud cause this is known), but
otherwise why not just keep root password access ?
I always found that cloud default anoying and useless and haven't yet
seen a good argument to not do it.
kevin