[CentOS-devel] Cloud image default login
Sven Kieske
svenkieske at gmail.com
Mon Jul 14 19:18:58 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 14.07.2014 18:34, Kevin Fenzi wrote:
> FWIW, I find the idea of setting a non priv user on cloud images
> like this a kind of strange security theater, but it seems everyone
> is doing it now. ;(
+1
I'm really not getting this
"oh we disable root for security
but we enable a user (not called
root) to run every command on the system
with root privileges and without the need
of a password"
this is in no way safer than root access.
also: default usernames can be looked up
on the web(e.g. on this ML) so you don't even
get some obfuscation by a different username than
root.
I really see no reason for this change
beside "everyone is doing it!1".
Also cloud-init should work perfectly with root enabled.
After all it's a system to change a system at first boot
to suite _your_ needs (as a user), so you should be able to
pick any username and sudoers config you may want.
kind regards
Sven
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQGcBAEBAgAGBQJTxC0iAAoJEAq0kGAWDrqlXh8MAIcbUo7rIzTdiDu3BqjRqtiP
XOkshfFFjNbpt2bGEcs4GQgaXremCBpxU/+httQ6abOzdBXHtId+4YzoQv1uHNgL
2nkR+LSPEVzbCDMB910F9QpYXOnikLdqbjSIH47DYQ+03xYU3snnDJybnc1Bcevb
0EDBsnH+oDYfrKY9w4j8LFHIhcsO01tXmVqOAHBrizD0u9mP5+hgN+fYW6w2mkgj
Zv9lDbnF6ry+duU8lhxFL+WIP9GyXYK0jG/gMIumSbN5jlPlzt7572CyZBMLIiNs
CltHk71jGFdnTSD/xNzYfEalT0hfKNSwKXVZ917OLzez7b5mpM5Hciyp08QThwjh
hiuXszYag1aZ38t/jWrqSBpynHZX5woNneM9BIgTFV4rm0vsIhG6LNGz7FZF6K9H
1utXnh3LAbd/LVPn5cSDHNlWgZzr0Y78r1NIKEYyOn/kRdkUrFsiLHIiFpyx+A2m
uiZiDFV4frhsmVSaj/fakL7ddDqsboTEUnCpND4vDw==
=zlLj
-----END PGP SIGNATURE-----
More information about the CentOS-devel
mailing list