On Monday, February 13, 2012 12:42:14 AM UTC-8, emil wrote: > > Right at the moment loggins are not disabled but all servers (ssh, > ftp) are off by default. Passwords for the accounts are not published > (my defaults are like strong 20 char passwords).
Thats fine as long as you don't use MD5 for password hashes (no distribution past ~2008, I guess). But its security relies on you never handing out the password to anybody, so I don't understand why you don't disable logins directly if you want to make the VM a sealed box. > It is stated in the docs of the VM, that one should change passwords > before using the sage server. Well if you don't hand out the password then that would be difficult to do, non? Of course you can always modify a VM that is running on your computer but its not exactly a friendly process for new users ;-) -- To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to sage-support+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-support URL: http://www.sagemath.org