Re: [patch] upon install of new operating system version, do not set root password to empty string
2017-11-28 21:59 GMT-02:00 Ian Sutton: > This is a highly theoretical and experimental mitigation which stops the > root password on newly upgraded/installed systems from being an empty > string. The thinking is that by not shipping an operating system with a > known root password, certain classes of attacks involving logging into > the root account might be avoided. I would like some feedback from the > cryptography team as well as NIST finalists in order to better ascertain > the implications of this behaviour. > I could install a system with empty root password, but with a ssh key
Willing to help
Hi OpenBSD developers, First of all: Thanks by the project. I would like to receive some help/mentoring. I`m cursing a master degree course at PUC-Rio, and I need to "create a useful program that performs a service of interest to anyone other than exsively the student." So I would like to create something to the openbsd project. I would like to know in which areas need some work? I have partial time to work on it and only this half year to do it. Some of the old google summer of code is still need? There are some need to a new daemon, or replace an old one, aligned with the openbsd style ( configuration files, privsep, plegde)? Thanks for any help, Mosconi