No, this is not good idea as I wrote few minutes ago because it does not improve security, it just provide feeling of better security, see: https://en.wikipedia.org/wiki/Security_through_obscurity I wonder why no-one responded like me, because this was discussed many times ago. Well maybe many times since 1995 (when SSH was born) and maybe I'm a little bit old so I read it many times again and again. It seems like SSH does not make padding sufficiently, but this changes nothing on what I wrote. Disabling root loging does not solve the problem and it profides only false feeling of security. M.K. Dne 12.1.2015 v 09:56 P J P napsal(a): > Hello, > >> On Sunday, 11 January 2015 2:27 PM, Peter Robinson wrote: >>>> Earlier in the discussions I was told that this is not really an issue: in >>>> production, about every server with remote access also has a KVM. >>> Often not the case in small business or third party hosted environments. >>> Without remote ssh, box is unmanageable. >>> >>> Even if you want to do key-based authentication rather than password, you >>> still need to use password initially to get the key onto the remote box. >> If you use cloud-init you can specify an initial public key that it >> inserts against, or even auto enrol it in a central auth system like >> IPA and hence not ever need a password. > So, the major issue(or blocker should we say?) is the virtualized deployments. If there is no solution in sight, maybe last resort is to enable remote root login, possibly in the '%post' install section of the kick-start file. > > Does it seem like an appropriate solution? > --- > Regards > -Prasad > http://feedmug.com -- Milan Keršláger http://www.pslib.cz/ke/ http://www.nti.tul.cz/wiki/Milan.Kerslager -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
