Re: Fedora change that will probably affect RHEL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Tue, Jul 28, 2015 at 4:34 PM, Warren Young <wyml@xxxxxxxxxxx> wrote:

> That’s only true if the majority of people will in fact override the default policy.

The current behavior in Fedora and CentOS lets you click Done twice
and bypass the weak password complaint.

>  But as I have repeatedly pointed out here, the stock rules really are not that onerous.  They basically encode best practices established 20 years ago.

In order to protect a system that's Internet facing with
challengeresponseauth (rather than PKA), the minimum password quality
would need to be at least initially onerous. Whereas if things are
properly configured such that ssh is only used internally, all you
have to worry about are internal attacks which are hopefully rather
rare.


-- 
Chris Murphy
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux