On Fri 13 Jun 2014 at 23:36:41 +0530, Murukesh Mohanan wrote:
> That's about the bug report that led to all this:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298138
The usual complaint, I see. password1 is an insecure password for root
to use so we mustn't allow root to log in via ssh.
Murukesh Mohanan wrote:
> Bob Proulx wrote:
> > was documented in the /usr/share/doc/openssh-server/README.Debian.gz
>
> That's about the bug report that led to all this:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298138
I am familiar with that bug report. It is referenced in the
README.
> > If some ignoramus sets a weak password and get's exploited, because
> > of a old default, I don't see why it should become my problem or
> > yours. The Debian maintainers can set whatever default they chose
> > to, as is their right, but why make a decision to ignore the user's
> > right to ch
3 matches
Mail list logo
