On Sat, 22 Nov 2014 08:24:32 +0000 (UTC) P J P <pj.pandit@xxxxxxxxxxx> wrote: > > On Saturday, 22 November 2014 1:39 AM, Richard W.M. Jones wrote: > >> On Fri, Nov 21, 2014 at 09:11:51AM +0100, Florian Weimer wrote: > >> The latter. We have to install authorized_keys inside the VM > >> anyway, so we can touch sshd_config, too. > > > > Virt-builder has a new '--ssh-inject' feature (in F22 only). > > > > $ virt-builder fedora-20 --ssh-inject root > > > > would inject your current ssh key into the root account of the new > > VM. There are other variations, including ways to create a non-root > > user account, see: > > > > http://libguestfs.org/virt-builder.1.html > > > > > Excellent! :) > > > So far the consensus seem that it is okay to reverse the current > default and set PermitRootLogin=no. I'll talk to the upstream > maintainer - plautrba(https://fedoraproject.org/wiki/User:Plautrba). > > Thank you. We can install machine w/o user accounts, removing the ability to log in as root via ssh means those machines will not be accessible. If you want to remove root access that should be conditionally done at firstboot only if a user account was created. Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct