Re: About sshd(8) remote root login feature & Anaconda UI support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, 2015-01-17 at 03:40 +0000, P J P wrote:
>    Hello,
> 
> > On Friday, 16 January 2015 1:42 PM, David Shea wrote:
> > How would the key be delivered in this case? The kickstart command 
> > just takes the key as a string, and obviously expecting the user 
> > to type in a
> > ssh key isn't going to work. Read from storage? Download from a 
> > URL?
> 
> 
>   Right, true; Reading from storage also sounds iffy, URL support 
> could be good. To be honest, this is still an advance feature we can 
> have in subsequent releases.
> 
> For now, first we need a provision so that users are not locked out 
> of their freshly installed systems. Ie. enable remote root 
> access('PermitRootLogin=Yes') if no non-root account is created OR 
> let user make the choice.
> 
> Yesterday I installed F21 on my machine. In that, while creating a 
> non-root account, Anaconda shows a CheckBox with caption about 
> '..use password authentication...', maybe similar one could be added 
> to the window for setting 'root' password. Only in that we prompt 
> user if they wish to 'enable' remote root access via ssh(8). This 
> CheckBox must be disabled by default.
> 
> Does that sound okay?

It's not really the same thing. The user account check box says 
"Require a password to use this account". If you uncheck it, the 
account is usable without one, basically a guest account. Notably, 
anaconda doesn't need to know anything more than how to set up an 
account, in that case.

Your checkbox gets anaconda into the business of knowing how to edit 
the sshd configuration file, which seems like the kind of sprawl that 
all else being equal it can live without. We don't live in a perfect 
world and sometimes anaconda needs to be able to do stuff like that 
(it can kick off realmd commands and configure the firewall and things 
too), but it *is* more complicated than just a box which decides 
whether it sets a password on an account at all.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux