> > If some ignoramus sets a weak password and get's exploited, because
> > of a old default, I don't see why it should become my problem or
> > yours. The Debian maintainers can set whatever default they chose
> > to, as is their right, but why make a decision to ignore the user's
> > right to change that default from a pre-existing method?
>
> I read through this several times and I have no idea what you are
> talking about. Sorry.
That's about the bug report that led to all this:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298138
>
> > If you are going to do so, then why haven't you stated that in the
> > root-forsaken README.Debian? I've seen uses of this selection for
> > enabling login with password from at least over a year ago, so I am
> > not hallucinating about this. /rant Sorry for that.
>
> I think you must be referring to this from your original message.
>
> > I'm trying to use preseeding to automate installation, and
> > openssh-server is ignoring a selection
> > openssh-server openssh-server/permit-root-login bool true
>
> Huh? What? Huh? I can find no documentation supporting the use of
> that construct as a preseed. Where is that documented? Does it
> actually exist? (I don't have the time to try it to find out.)
> I think that is the root of the confusion. You are trying to use the
> above as a preseed but I don't find where that would be a documented
> preseed interface. Please educate me if it is actually documented
> anywhere.
>
> Since I can't find it I can only assume that is where the issue lies.
> It isn't a preseed. You can't set that option at install time with a
> preseed. I know that was Brian's expectation too because Brian
> suggested the option of using late_command in your preseed file and
> setting up a late_command to make the config file change to
> sshd_config so that it would be the value you want. And that would be
> my recommendation too.
To date I haven't been able to find documented lists of preseeds
anywhere, except for the standard debian installer values given in
Debian's and Ubuntu's example preseed files. I found this preseed option
in forum postings somewhere.
My current method, replacing the entire sshd_config, seems a better
option to me than a scripted change in late_command, given that it's not
the only config file I have to change.. I'll stick to that until/unless
I can get a fix to this.
>
> > 2. Wouldn't the right way to make this change be either a) using a
> > select field instead of a boolean or b) treating true as "yes", *and*
> > respecting this selection (assuming debconf has a way of notifying if
> > no value is set), instead of ignoring it?
>
> Assuming this is a documented interface, then okay. But if it isn't
> a documented interface then no.
Are package preseed settings, as opposed to debian-installer ones
documented anywhere?
>
> > 3. If I made a patch to implement 2a or 2b, and it is not crap, would
> > you accept it? Or is this a hard setting on the side of Debian
> > maintainers?
>
> Whether this is accepted in the Debian package is up to the Debain
> maintainers of the openssh package. That package is a team maintained
> package by the debian-ssh team. You would need to contact them. I
> don't think anyone here will know if any of those folks are subscribed
> to the debian-user mailing list. The debian-user mailing list is a
> community support mailing list. We are all simply users here and try
> to help each other out.
>
I would have posted to the original bug, but it's archived.
Thanks. I will perhaps open a new bug report or contact them some other
way. Sorry for the trouble.
> Bob
--
Murukesh Mohanan
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/539b3db1.3040...@cse.iitb.ac.in
