[CHANGE PROPOSAL] The securetty file is empty by default
h.reindl at thelounge.net
Wed Apr 2 17:37:01 UTC 2014
Am 02.04.2014 19:29, schrieb Chris Adams:
> Once upon a time, Jaroslav Reznik <jreznik at redhat.com> said:
>> ----- Original Message -----
>>> [CHANGE PROPOSAL] The securetty file is empty by default
>>> All the info has been sitting here @
>>> since March 20th.
>>> Did I mess something up? Or is there just a backlog?
>> Backlog. But for this one, I'd really like to see some discussion
>> in advance of the real announcement. So thank you for this email.
> I'd be opposed to locking root out of the console login (having spent
> today at work tracking down miscellaneous VMs with only a root user
a golden-master for a virtual infrastructure usually do not
have any other login user because which one is decided after
clone and intention of the final machine instead some generic
> Fedora still allows root SSH logins by default; how is that more secure
> than the console?
it is not but disable that in a default install makes nothing more secure
the only secure SSH setup is that one where no password login is allowed
and that is a chicken/egg problem not solveable at setup
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 246 bytes
Desc: OpenPGP digital signature
More information about the devel