On 5/15/21 11:53 AM, Ralf Corsepius wrote:
Creating a non-root user account, possibly with admin rights (all
possible from within Anaconda) would seem like a safer option for
accasional/emergency password based access to such machines over SSH.
I don't see, how this would any safer than
Hi,
On 5/17/21 2:26 PM, Martin Kolman wrote:
On Sat, 2021-05-15 at 17:53 +0200, Ralf Corsepius wrote:
On 5/14/21 2:50 PM, Martin Kolman wrote:
On Thu, 2021-05-13 at 20:09 +0200, Peter Boy wrote:
We discussed that in the Fedora Server Edition Working Group and
opted to leave it as is for
Hi,
On 5/14/21 1:05 AM, Juha Tuomala wrote:
On Thursday, 13 May 2021 18:50:33 EEST PGNet Dev wrote:
On 5/13/21 10:48 AM, Juha Tuomala wrote:
Virtual machine installation is hopefully a special use case and majority
of installations are bare metal end users.
hardly.
here,
Sure. But this
On Sat, 2021-05-15 at 17:53 +0200, Ralf Corsepius wrote:
> On 5/14/21 2:50 PM, Martin Kolman wrote:
> > On Thu, 2021-05-13 at 20:09 +0200, Peter Boy wrote:
>
> > > We discussed that in the Fedora Server Edition Working Group and
> > > opted to leave it as is for the Server installation iso. A lot
On 5/13/21 9:45 AM, Simo Sorce wrote:
> On Wed, 2021-05-12 at 16:35 -0400, Ben Cotton wrote:
>> == Benefit to Fedora ==
>> This change makes the Fedora systems installed by Anaconda more secure
>> from remote password guessing attacks targeting the root account as it
>> would no longer be possible
On 5/14/21 2:50 PM, Martin Kolman wrote:
On Thu, 2021-05-13 at 20:09 +0200, Peter Boy wrote:
We discussed that in the Fedora Server Edition Working Group and
opted to leave it as is for the Server installation iso. A lot of
servers are running in a protected environment. And there are
On Friday, 14 May 2021 14:25:26 EEST PGNet Dev wrote:
> On 5/14/21 2:05 AM, Juha Tuomala wrote:
> > Sure. But this is devel list. Are developers themselves the target
> > audience?
>
> > :) Hopefully not. Is it defined somewhere?
> and, yes, 'developers themselves' -- again, "here" -- *are* a
On Thu, 2021-05-13 at 20:09 +0200, Peter Boy wrote:
>
>
> > Am 12.05.2021 um 22:35 schrieb Ben Cotton :
> >
> > == Summary ==
> > Since 2019 the Anaconda installer GUI hosted an option called
> > "Allow
> > SSH root login with password", that made it possible to enable
> > password based root
On Fri, May 14, 2021 at 07:25:26AM -0400, PGNet Dev wrote:
> On 5/14/21 2:05 AM, Juha Tuomala wrote:
> >>here,
> >
> >Sure. But this is devel list. Are developers themselves the target audience?
> >:) Hopefully not. Is it defined somewhere?
>
> by 'here', I meant my company environment, not just
On 5/14/21 2:05 AM, Juha Tuomala wrote:
here,
Sure. But this is devel list. Are developers themselves the target audience?
:) Hopefully not. Is it defined somewhere?
by 'here', I meant my company environment, not just this list.
and, yes, 'developers themselves' -- again, "here" -- *are* a
On Thursday, 13 May 2021 18:50:33 EEST PGNet Dev wrote:
> On 5/13/21 10:48 AM, Juha Tuomala wrote:
> > Virtual machine installation is hopefully a special use case and majority
> > of installations are bare metal end users.
>
> hardly.
>
> here,
Sure. But this is devel list. Are developers
On Thu, May 13, 2021 at 05:48:07PM +0300, Juha Tuomala wrote:
> Virtual machine installation is hopefully a special use case and majority of
> installations are bare metal end users.
Most likely the exact opposite of this, but I don't have the numbers.
(On _my_ systems it's likely to be 100:1
> Am 12.05.2021 um 22:35 schrieb Ben Cotton :
>
> == Summary ==
> Since 2019 the Anaconda installer GUI hosted an option called "Allow
> SSH root login with password", that made it possible to enable
> password based root logins over SSH on the installed system. ... And
> after two years of
On Thu, May 13, 2021 at 9:46 AM Simo Sorce wrote:
>
> On Wed, 2021-05-12 at 16:35 -0400, Ben Cotton wrote:
> > == Benefit to Fedora ==
> > This change makes the Fedora systems installed by Anaconda more secure
> > from remote password guessing attacks targeting the root account as it
> > would no
On 5/13/21 10:48 AM, Juha Tuomala wrote:
Virtual machine installation is hopefully a special use case and majority of
installations are bare metal end users.
hardly.
here, for any given single bare-metal install, between cloud & local VMs, there
are typically *many*/*frequent* VM installs --
On Thursday, 13 May 2021 15:11:19 EEST Roberto Ragusa wrote:
> > Make a plugin interface for adding additional methods to obtain public
> > keys as there are a lot different sources for those. Fedora itself has
> > tools for PKI and public key based security and it would be quite low
> > hanging
On 5/13/21 10:09 AM, Richard W.M. Jones wrote:
Not everyone is installing a public facing server. On my isolated,
non-networked test instances I want to put up a short-lived VM with a
root password of "123456" quickly and no user account, and this option
lets me do that.
this^^ is a _very_
On Wed, May 12, 2021 at 04:35:44PM -0400, Ben Cotton wrote:
> https://fedoraproject.org/wiki/Changes/Drop_Rootpw_SSH_From_Installer
I don't understand why you want to remove this, since it defaults to
off. Sure, add a warning if you like (probably there's one already?)
Not everyone is
On Wed, 2021-05-12 at 16:35 -0400, Ben Cotton wrote:
> == Benefit to Fedora ==
> This change makes the Fedora systems installed by Anaconda more secure
> from remote password guessing attacks targeting the root account as it
> would no longer be possible to configure a system that allows root to
>
On 5/13/21 12:13 PM, Juha Tuomala wrote:
Make a plugin interface for adding additional methods to obtain public keys as
there are a lot different sources for those. Fedora itself has tools for PKI
and public key based security and it would be quite low hanging fruit to fill
the gap between
On Wednesday, 12 May 2021 23:35:44 EEST Ben Cotton wrote:
> * it has been suggested that making it easier to import SSH keys from
> popular code hosting platforms (Pagure, GitHub, GitLab, etc.) could
> provide a nice alternative to the dropped option -
Make a plugin interface for adding
https://fedoraproject.org/wiki/Changes/Drop_Rootpw_SSH_From_Installer
== Summary ==
Since 2019 the Anaconda installer GUI hosted an option called "Allow
SSH root login with password", that made it possible to enable
password based root logins over SSH on the installed system. This was
always
https://fedoraproject.org/wiki/Changes/Drop_Rootpw_SSH_From_Installer
== Summary ==
Since 2019 the Anaconda installer GUI hosted an option called "Allow
SSH root login with password", that made it possible to enable
password based root logins over SSH on the installed system. This was
always
23 matches
Mail list logo