On Thu, 19 May 2011 13:40:47 -0400
aragonx(a)dcsnow.com wrote:
Isn't that only part of the
solution? Why would we ever need to have PermitRootLogin to
true? My memory is a little rusty but I'm pretty sure the install
forces the creation of a user account.
No, it does at firstboot.
If you install a headless machine, you have no way to make a user
without logging in as root and making one.
I've never done a
headless install so I know nothing about how that works. However, we
shouldn't let a minority of installations compromise the security of
the majority. As someone has already pointed out, can't they have a
different spin to allow whatever they might need?
I think there are solutions to this, but they should be worked with the
anaconda folks, rather than here. ;)
Are there any
other services that are listening by default and allowed through the
firewall? I believe there should be none of either. However, I
have been called paranoid in the past. :)
Nope. Not on a default install anymore I don't think...
kevin