git: SSHD - Change default security

Matthew Dillon dillon at apollo.backplane.com
Tue Apr 27 15:04:17 PDT 2010


    We could enable sshd by default, assuming we can work out how to ensure
    the random number generator is seeded well enough at install-time to
    create a good host key.  It may well be that by the time the installer
    gets to the end of the install the RNG will be seeded well enough to
    generate secure keys.

    But there is no way I'm going to turn on tunneled plaintext password
    authentication on by default.  That's a major security hole.  Nobody
    should be using it for any reason.

						-Matt





More information about the Commits mailing list