Summary of password strength discussion

Chris Murphy lists at
Tue Jul 28 02:07:32 UTC 2015

On Mon, Jul 27, 2015 at 4:54 PM, Matthew Miller
<mattdm at> wrote:
> On Mon, Jul 27, 2015 at 03:49:55PM -0600, Chris Murphy wrote:
>> > I like this too, but editing sshd_config is more than a bit scary.
>> Not the user, the GUI asks a service to do the editing COW style -
>> write out a .new and once that succeeds, then rename current to old
>> and new to current.
> Yes, I assumed that. What if there is an existing configuration?

It would always use /etc/ssh/sshd_config whether it's the default
installed, or a user modified one. The GUI Remote Login toggle would
toggle both sshd.service stop/start/enable/disable states, and
AllowUsers list. So something has to be able to parse this file.

Maybe PAM can be leveraged for this, since sshd_config defers to PAM
already for authentication. So sshd could just ask PAM rather than
modifying sshd_config directly.

Chris Murphy

More information about the desktop mailing list