-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 14.07.2014 18:34, Kevin Fenzi wrote:
FWIW, I find the idea of setting a non priv user on cloud images like this a kind of strange security theater, but it seems everyone is doing it now. ;(
+1
I'm really not getting this "oh we disable root for security but we enable a user (not called root) to run every command on the system with root privileges and without the need of a password"
this is in no way safer than root access.
also: default usernames can be looked up on the web(e.g. on this ML) so you don't even get some obfuscation by a different username than root.
I really see no reason for this change beside "everyone is doing it!1".
Also cloud-init should work perfectly with root enabled. After all it's a system to change a system at first boot to suite _your_ needs (as a user), so you should be able to pick any username and sudoers config you may want.
kind regards
Sven