Adam Jackson wrote:
On Tue, 2007-03-20 at 10:11 +0100, Alexander Boström wrote:People don't use good passwords and they don't realize that their password can be used remotely. Giving millions of people an sshd they don't know or care about is a recipe for zombie machines and bad security reputation.So I think you mean "disable password auth by default".
That would probably be the ideal solution, security-wise, to this problem. However, since we're talking about the default configuration here, I feel this would make it "too hard" to get sshd set up initally. If we disable password auth completely, we would have to manually put public keys in place via USB keys or something. That's too much work. Lets settle for a default configuration with a good balance between usability and security. Like perhaps disabling root login or something.
Just my thoughts. /Thomas