Marco Amadori wrote: > Alle Sunday 27 April 2008, Daniel Baumann ha scritto: > >> The only other live system I know remotely, uses username 'ubuntu' and >> no password. > >> That made me curious what others think. So, what do *you* guys think? >> Should it be left as is? Or do you have other preferences? How do other >> live systems do it? > > ssh wise, Ubuntu's choice is more secure, because it disallows ssh logins if > the local console user did not provide a new password. > > I think that using a NULL password like ubuntu do and providing both an > interactive way to change it and a boot parameter could be the way I would > like to have the user password managed. > > That way we could have a more secure default image approach, a secure > personal > use approach and the ability to set a password easely at build time.
I have to agree with this. I really like the Ubuntu approach to securing the root/default users, and I'd like to put my support behind making this behavior the preferred method. -- John Reese LeetCode.net _______________________________________________ debian-live-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
