On Wed, May 12, 2021 at 04:35:44PM -0400, Ben Cotton wrote: > https://fedoraproject.org/wiki/Changes/Drop_Rootpw_SSH_From_Installer I don't understand why you want to remove this, since it defaults to off. Sure, add a warning if you like (probably there's one already?) Not everyone is installing a public facing server. On my isolated, non-networked test instances I want to put up a short-lived VM with a root password of "123456" quickly and no user account, and this option lets me do that. > Now fast forward to today, it's 2021, any use cases that needed > password based root login via SSH had 2 more years to migrate while the > amount of password guessing attacks certainly didn't get any lower. The trouble is there isn't a practical, lightweight migration available for the test use case, and these aren't exposed anywhere that password-guessing attacks would succeed. The option is not enabled by default (and shouldn't be) so leave it be. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/ _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
