[CentOS] Fedora change that will probably affect RHEL

Tue Jul 28 19:06:55 UTC 2015
Chris Adams <linux at cmadams.net>

Once upon a time, Warren Young <wyml at etr-usa.com> said:
> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing botnets — is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords.

Since most of that crap comes from Windows hosts, the security of Linux
SSH passwords seems hardly relevant.

> Your freedom to use any password you like stops at the point where exercising that freedom creates a risk to other people’s machines.

Your freedom to dictate terms to me stops at my system, which you cannot
access even if I set the password to "12345".  You are making an
assumption that every Fedora/CentOS install is on the public Internet,
and then applying rules based on that (false) assumption.

When root can override a password policy after install, forcing a policy
during install is nothing but stupid and irritating.  Despite what was
said on the Fedora list, this was an active change taken by anaconda
developers (to take out the "click again to accept anyway" option), so
they should expect people to complain to them and be prepared to handle
the response.

Chris Adams <linux at cmadams.net>