-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 15 Jan 2015 12:08:35 -0800 "Brian C. Lane" <bcl@xxxxxxxxxx> wrote: > On Thu, Jan 15, 2015 at 05:27:13PM +0000, P J P wrote: > > Hello David, > > > > > On Thursday, 15 January 2015 8:57 PM, David Shea wrote: > > > No. UI changes are not something that should be done casually, > > > and UI changes that requires a paragraph of text to explain are > > > going to be either not read or not understood by the majority of > > > users. > > > > Agreed. It was only meant to convey an idea. Actual UI design and > > text could be different. > > > > > The first question I have: do we really need to do anything at > > > all? Do we expect any use cases where someone does an interactive > > > install and will not have console access when they are done? > > That's certainly possible if they're using vnc to setup the system and > reboot before setting up keys manually. Most providers also offer > console access to systems these days, but it is certainly possible to > end with only ssh access to the box. > > > Right, that seems unlikely, but there might be cases, I'm not > > sure. Given below are the Server SIG meeting logs, wherein this > > topic was discussed and the UI changes were suggested. > > > > Please see: > > -> > > http://meetbot.fedoraproject.org/fedora-meeting-1/2015-01-13/fedora-meeting-1.2015-01-13-16.00.log.html > > > > > If so, can we just turn password-based root login on if no admin > > > user is created during the install? > > > > Not admin, but non-root user. It'll definitely help to enable > > password-based root login, if no non-root user is created. > > > > Either solution would serve the purpose. Main intention is that end > > user should not get locked out of their freshly installed Fedora > > systems, because of the proposed feature change. > > I don't like the idea of switching options in the background based on > what combination of users, checkboxes, etc. have been set. That's > going to end up confusing people or leaving the setup in an > unexpected state.0 > > Switching root to key only really doesn't help much. All that does is > move the attack to the user account (assuming they are in wheel). > Disabling password login for all accounts is what would make it > secure. > > But the problem with that is that there is no good way to get the > authorized key onto the system if they do need to login via ssh. You > can now do this in kickstart using the new sshkey command. This is good to know. > A possible alternative is: > > 1. Stronger root password. We really should switch from a minimum > length of 6 to 8 anyway. +1 > 2. Don't allow weak root passwords at all. Remove the double done > click to bypass it. This will annoy me while installing vms > repeatedly, but it is an improvement while still allowing remote > access. while i will be annoyed on test machines I would accept this. > 3. And maybe drop root login completely and move to user+strong > pw+wheel Many people, myself included never use local accounts and join a machine to an ipa domain or some other sort of remote service. Having security through obscurity is really not a effective way to implement. and it will annoy users. I think we should just make root more secure. > This would increase security, a bit, and still let users connect to a > fresh system without console access. > Dennis -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJUuC6dAAoJEH7ltONmPFDRWGoQAJsurhM2x1fc19nVDeFaYRqM QiiKmOKZUmlKXJCRg/knCdU8ZWeyp9eCmuRIj+bisS+aXvNkgLObNtnUg60ZzEh+ BkGR8iunKKaXPbX2GcvzGi7fr9SS3ezgLsJgr8S5PmuAvbtMwMaP+KJyoT8cH7Pk f3FuXUUTM15GKnbWwqVFILlp7kEAscNcz4gV4F6PCXCj/PTwPMGsNnE/0u60mXWE KqCvtdfUi9PKR5lvTcXJf5rb7GXsMSpYX4W5azspLrc/JibW3pcn9A65mEuf547E R2Sgvb0X1+vBRnLwuFFEIv4JTr3XRIybdq7FOey84ICO0+l7zI1UeUhDtq8BAqPc XtQRgGAsL9j2boLiaAwlaM3QVZfMbzQYJW55BDGn7gzijjP5jxipZL1paSHyxP/w TQKR7bwHq7sESHb8LgHo5jSdd+UQOeGWarZGi650S2+o5a/G/Qf+aaaDxeMFMLu9 d483z7Ew7tvPABFGcetCIAEZwZZzS8RdgHLF7HimRKOKt+LcdFasTMVXADoPGdUF qj+VWpxzkL9SWcYGwmFOSIy+B/pBKeKIeXIsefY0QTGXLz3MmSC7dZvODigy8QDo oYDlR3qD3SgkKxO1apUKILpPJ8H5r8KGt6mUeI6ze8PGQkmmWHngvuKKoN4131D+ x2+rz2Asb55u4jS6rqrf =5rbW -----END PGP SIGNATURE----- _______________________________________________ Anaconda-devel-list mailing list Anaconda-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/anaconda-devel-list