Summarizing yesterday's discussion with the Security Team:
- we would like password auth disabled by default on installation of
openssh-server via the server image, just as via the cloud image
- the admin can set up password auth post-install
- (optional) this can be a debconf question, so that the admin can pre-seed
enabling of password auth at install time.
- with the above requirements met, the Security Team is ok with having
openssh-server installed by default, and listening on port 22, on a server
install as well as on a cloud image.
- no requirements were expressed on the behavior of openssh-server if manually
installed by the admin post installation.
- (optional) ideally, the openssh-server systemd units would be adjusted for
lazy socket-based activation, so that this is not an additional server process
running (and taking up swap space / process table space) until asked for.
Opening a task on the openssh package.
** Also affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1576353
Title:
install openssh-server by default, prompt for enabling it on server
iso install
Status in Ubuntu CD Images:
New
Status in openssh package in Ubuntu:
New
Bug description:
we want to remove 'cloud-image' seed and join it with 'server' seed.
openssh-server is one of the few (3) packages that are in cloud image and not
in 'ubuntu-server'.
We'd like to have the server iso install openssh-server by default and
prompt the user if they want to enable it or not.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-cdimage/+bug/1576353/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
