On Tue, Jan 20, 2015 at 02:06:35PM +0000, P J P wrote:
> > On Saturday, 17 January 2015 9:17 AM, P J P wrote:
> >> On Friday, 16 January 2015 1:42 PM, David Shea wrote:
> >> How would the key be delivered in this case? The kickstart command just
> >> takes the key as a string, and obviously expecting the user to type in a
> >> ssh key isn't going to work. Read from storage? Download from a URL?
> >
> > For now, first we need a provision so that users are not locked out of their
> > freshly installed systems. Ie. enable remote root
> > access('PermitRootLogin=Yes') if no non-root account is created OR let
> > user make the choice.
> >
> > Yesterday I installed F21 on my machine. In that, while creating a non-root
> > account, Anaconda shows a CheckBox with caption about '..use password
> > authentication...', maybe similar one could be added to the window for
> > setting 'root' password. Only in that we prompt user if they wish to
> > 'enable' remote root access via ssh(8). This CheckBox must be disabled
> > by default.
> >
> > Does that sound okay?
>
>
> @David...? @Brian..?
>
>
>
> The feature has been deferred to F23 citing insufficient support in installer UI.
> If we are to take a step towards non-password based authentication and safer defaults,
> we need to find a solution for this glitch. Your inputs would be valuable in that.
Sorry to take to long to follow up, I was trying to get enough time to
at least skim the fedora-devel thread.
I think the goal here is good. Better security is always a plus.
But I don't think mandating a sshd config change is the right way to do
it. Or adding checkboxes, or text entries for ssh keys in the installer.
This makes it harder for a significant number of users to setup their
systems and really only moves the problem into guessing the
username+password instead of just guessing root's password.
The installer already gives the users the tools to make their systems
secure:
In GUI mode if you create a normal user that is a member of wheel the
root account is locked, unless you also set a root password. This is
effectively the same as changing the config.
In kickstart we have the same ability, as well as the new sshkey
command so that you can set the ssh key for root or any other account
that is created.
Users who are concerned with security already know how to setup their
systems, use strong passwords, switch to key only logins, etc. They
aren't the ones who need help.
Instead I propose that we increase our minimum password length to 8
characters, and disallow weak passwords. The initial pain of creating a
throw-away password for your vm can be mitigated by running pwgen and
writing down a nice looking one on a sticky note :)
--
Brian C. Lane | Anaconda Team | IRC: bcl #anaconda | Port Orchard, WA (PST8PDT)
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
