[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libosinfo] [PATCH] fedora,script: Allow passwordless SSH



HI Daniel,

On Fri, Apr 22, 2016 at 1:00 PM, Daniel P. Berrange <berrange redhat com> wrote:
> On Fri, Apr 22, 2016 at 12:58:40PM +0100, Zeeshan Ali (Khattak) wrote:
>> If either user or admin accounts are passwordless, configure SSH server
>> to allow empty passwords so these accounts can login through SSH.
>> ---
>>  .../fedoraproject.org/fedora-kickstart-desktop.xml.in               | 6 ++++++
>>  1 file changed, 6 insertions(+)
>
> Do we really want todo this. IMHO apps should be enforcing a
> non-zero length password for the accounts created by install
> scripts.  Configuring password-less ssh is madness given the
> modern hostile network environments, even on intranets.

Well without this patch, there is no way of SSHing into the guest if
user/app chooses to have no password. Currently that is the default in
Boxes but maybe Boxes should warn about it being unsecure but I think
if user want passwordless machine, that is precisely what they should
get.

> Regards,
> Daniel
> --
> |: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
> |: http://libvirt.org              -o-             http://virt-manager.org :|
> |: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
> |: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|



-- 
Regards,

Zeeshan Ali (Khattak)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]