[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#26695: openssh password-authentication? should be #f by default
|
From: |
Maxim Cournoyer |
|
Subject: |
bug#26695: openssh password-authentication? should be #f by default |
|
Date: |
Fri, 28 Apr 2017 09:09:51 -0700 |
|
User-agent: |
K-9 Mail for Android |
On April 28, 2017 7:37:13 AM PDT, Christopher Allan Webber <address@hidden>
wrote:
>Our default permits password authentication for the openssh service
>(and
>the others it seems) by default in Guix. This is somewhat dangerous
>because this is a much easier to break in this way, and some users
>might
>not assume the default is reasonably safe. If users really want
>password-authentication, they should turn it on explicitly.
+1. Although it means the keys will have to be copied by another mean than the
"ssh-copy-id" script. Maybe the configuration could accept the public key? :) I
haven't checked if this is already possible.