Announcement

Collapse
No announcement yet.

Fedora 35 Might Drop Installer Option To "Allow SSH Root Login With Password"

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #1

    Fedora 35 Might Drop Installer Option To "Allow SSH Root Login With Password"

    Phoronix: Fedora 35 Might Drop Installer Option To "Allow SSH Root Login With Password"

    A Fedora 35 change proposal submitted this week that is ruffling some feathers is over removing the "allow SSH root login with password" option from Fedora's Anaconda installer...

    Fedora 35 Might Drop Installer Option To "Allow SSH Root Login With Password" - Phoronix
    https://www.phoronix.com/scan.php?page=news_item&px=Fedora-35-Install-Root-SSH-PW
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    After reading both sides of that argument -- chalk me into the crowd of this sentiment:

    • Likes 2

    Comment

    • #3
      Password-based root SSH logins are NOT convenient.

      I like the use key from github id option
      • Likes 2

      Comment

      • #4
        Originally posted by elatllat View Post
        Password-based root SSH logins are NOT convenient.

        I like the use key from github id option
        For some people they are. The Fedora VM team seems to be against this change. The worst part about this that this is a non-default option being removed. Leaving it as-is literally changes nothing for people who don't use it and about all it achieves is removing functionality that some people have come to expect. All they really need to do is add some sort of warning, if it doesn't already exist, about how you might be able to be brute-forced if you're not smart enough to set a firewall rule blocking lots of SSH attempts...or just create that firewall rule for us...

        Don't remove the option when a fix can be implemented.
        • Likes 11

        Comment

        • #5
          It's nice for bootstrapping a system remotely and then turning it off, I suppose.
          • Likes 1

          Comment

          • #6
            @skeevy420 All they really need to do is add some sort of warning, if it doesn't already exist, about how you might be able to be brute-forced if you're not smart enough to set a firewall rule blocking lots of SSH attempts...or just create that firewall rule for us...
            100% doable. for curious installers, its an education and warning!!!!!

            Comment

            • #7
              Security in the palm of Fedora's hands!

              (I remember when I got to decide things. Freedom is overrated.)
              • Likes 2

              Comment

              • #8
                Originally posted by cjcox View Post
                Security in the palm of Fedora's hands!

                (I remember when I got to decide things. Freedom is overrated.)
                No one's taking away the ability to decide, one can still enable it if they need it. Arguably those who need it should be turning it on and not the other way around.
                Don't expect much and seldom disappointed.
                • Likes 2

                Comment

                • #9
                  its a good thing that they did not disable the network entirely
                  • Likes 6

                  Comment

                  • #10
                    Originally posted by skeevy420 View Post

                    For some people they are. The Fedora VM team seems to be against this change. The worst part about this that this is a non-default option being removed. Leaving it as-is literally changes nothing for people who don't use it and about all it achieves is removing functionality that some people have come to expect. All they really need to do is add some sort of warning, if it doesn't already exist, about how you might be able to be brute-forced if you're not smart enough to set a firewall rule blocking lots of SSH attempts...or just create that firewall rule for us...

                    Don't remove the option when a fix can be implemented.
                    Yeah, I don't like this trend of "You're children who don't know what you're doing and we adults will decide what's good and not good for you".

                    We use open source software because we want control over our software and the freedom to make our own decisions and choices.

                    It's pretty obvious that the cyber security world needs mental health therapy and counseling, they need to accept that they can't control everything and prevent every bad thing in the world from happening. They need to accept that people should have the freedom to make their own choices, even if it results in security problems.

                    You can't put a shield around the world and lock it away forever.
                    • Likes 9

                    Comment

                    Previous 1 2 3 template Next
                    Working...
                    X