On Fri 13 Jun 2014 at 23:36:41 +0530, Murukesh Mohanan wrote:
> That's about the bug report that led to all this:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298138
The usual complaint, I see. password1 is an insecure password for root
to use so we mustn't allow root to log in via ssh.
Murukesh Mohanan wrote:
> Bob Proulx wrote:
> > was documented in the /usr/share/doc/openssh-server/README.Debian.gz
>
> That's about the bug report that led to all this:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298138
I am familiar with that bug report. It is referenced in the
README.
> > If some ignoramus sets a weak password and get's exploited, because
> > of a old default, I don't see why it should become my problem or
> > yours. The Debian maintainers can set whatever default they chose
> > to, as is their right, but why make a decision to ignore the user's
> > right to ch
Murukesh Mohanan wrote:
> 1. I have explicitly stated that I am automating new installations.
> I don't understand what repeating that statement back to me means.
> I have read README.Debian, and I don't see how it answers my question,
> which is: *why* are you totally ignoring a user-made selectio
A few points:
1. I have explicitly stated that I am automating new installations.
I don't understand what repeating that statement back to me means.
I have read README.Debian, and I don't see how it answers my question,
which is: *why* are you totally ignoring a user-made selection of
pre-exisitn
A few points:
1. I have explicitly stated that I am automating new installations.
I don't understand what repeating that statement back to me means.
I have read README.Debian, and I don't see how it answers my question,
which is: *why* are you totally ignoring a user-made selection of
pre-exisitn
6 matches
Mail list logo