[Fedora-livecd-list] A French Fedora LiveCD.
Jeremy Katz
katzj at redhat.com
Mon Mar 13 21:56:35 UTC 2006
On Mon, 2006-03-13 at 22:45 +0100, Chitlesh GOORAH wrote:
> On 3/13/06, Jeremy Katz <katzj at redhat.com> wrote:
> > On Mon, 2006-03-13 at 22:36 +0100, Chitlesh GOORAH wrote:
> > > > Yes, sshd is almost certainly still installed and running.
> > > >
> > >
> > > To decrease boot time, sshd is turned off.
> > > So should I still be worrying ?
> >
> > As long as it's present and can be enabled, I would be seriously worried
> > about any blank passwords
>
> To enabled it we need root access right. What if root has a password
> and the user "fedora" doesn't ?
Does the root user have a password that's stable or do we prompt on
boot? If it's something that's standard, then it is "known" and just as
(not) useful as having it be blank.
If we're doing auto-login for the fedora user, then we almost certainly
want to also have the account locked so there's no password. Then we
don't have to worry about logins from the fedora user remotely. It does
mean they also can't log in from the console, though, and we have to
ensure that the screensaver never asks for a password.
Jeremy
More information about the livecd
mailing list