Hello all, This has been discussed on IRC a little, but I wanted to summarize why I think that a means of letting the user set the password at the time the bootable image is created (or booted) would be good. Right now, the default password is "live", and sudo is enabled. This might pose a security risk. Suppose that * people know that Debian Live is being used on a system * the password has been left at the default * the system ordinarily gets its IP by dhcp * this IP is known to people * the DL user activates ssh If this is the case, then I believe that an outsider could log in and then have access to sudo, without the DL user being aware of what is going on.
There was a "Headless Knoppix" (http://www.knoppix.net/wiki/Headless_Knoppix) that might be useful as a reference. In my opinion, a solution that allows the password to be specified using a switch to lh_config would be ideal. Michael
_______________________________________________ debian-live-devel mailing list debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel