SSHd

[Matthew Miller]

On Mon, Aug 21, 2006 at 09:06:01AM +0200, Patrice Dumas wrote:
> The cure is not to disallow features, but use right passwords.
> If I recall well poor passwords can be set by root, but there
> is a warning (at least when set with passwd).

Enforcing strong passwords in anaconda might help. (And for root & user
passwords even when the tools are run as root -- that's one of the main
compromise vectors we see here.) 

But I think the narrow "I want to ssh in after doing a network install" case
is *too* narrow to be a strong argument against not providing this
protection to everyone else -- particularly because there's several
different ways people in this situation could easily work around it.

Systems should be optimized (and doubly so for secured) for the common case
wherever they can be without blocking the useful uncommon cases -- as
Fedora's ssh can be here.


-- 
Matthew Miller           mattdm at mattdm.org          <http://mattdm.org/>
Boston University Linux      ------>              <http://linux.bu.edu/>