[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SSHd

Matthew Miller wrote:
On Mon, Aug 21, 2006 at 09:06:01AM +0200, Patrice Dumas wrote:
The cure is not to disallow features, but use right passwords.
If I recall well poor passwords can be set by root, but there
is a warning (at least when set with passwd).

Enforcing strong passwords in anaconda might help. (And for root & user
passwords even when the tools are run as root -- that's one of the main
compromise vectors we see here.)
But I think the narrow "I want to ssh in after doing a network install" case
is *too* narrow to be a strong argument against not providing this
protection to everyone else -- particularly because there's several
different ways people in this situation could easily work around it.

Systems should be optimized (and doubly so for secured) for the common case
wherever they can be without blocking the useful uncommon cases -- as
Fedora's ssh can be here.

Ok. Can you reopen the most relevant bug report in this case and pass on the number?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]