Hello, I just subscribed to this list, sorry if I'm not exactly pertinent or up-to-date...

On Mon, 2018-12-17 at 19:46 +0000, Jose Miguel Parrella Romero wrote:
> > No, we don't want a password. But we can have a null-password set,
> > which can be used from secure terminals, aka tty0 and ttyS0.

I've been using permanent login-less consoles in my LXC containers, because it's very convenient. They actually launch 'getty -l bash ttyXX' which bypasses the password issue. Thus from my point of view having a login-less access is orthogonal to the root password question - and actually I prefer root having no password (and thus no possible interactive login).

As for containers, the reasoning is: if I'm root on the host why shouldn't I be root in the containers? In my case I considered it to be okay because 1/ those containers run my code (not my client's), I felt legitimate to sneak into them from the host, 2/ it's not networked, it's a local tty thing with a narrow security scope (either you're root on the host, or you're not).

I'm currently wondering if I could extend this idea to the cloud context. I mean, when passing explicit console=hvc0 to the boot args, I'd like to have a root shell attached to it when boot is done. As far as the VM creator is the same person as the VM administrator (which I tend to consider the major case in this devops era), I can't see any security issue. You create the VM, you own it - its data and its fate.

I'm currently stuck with VMs with no root password (and where you can't login thru the serial console, which had proven to be a problem for me in some rescue operations), or with passwords which are inherently insecure as soon as you have more than 3 people sharing them (rotating, full renew when one collaborator leaves, updating powered off VMs, you name it).

I don't claim that would be a good default option in Debian cloud's images, but I'd like it to be easily configured. And I wonder what other cloud users think/practice...
