Re: able to login as root via ssh :-(

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2006-08-08 at 14:45 -0400, Robert Locke wrote:
> > [snip]
> > > In order for a remote system to be in a state that remote access is even
> > > possible, there must be an OS already running. In order to install the
> > > first OS, physical access to the box must be required. It has to be
> > > physically connected etc. At the very least the power has to be turned
> > > on.. it might then proceed to do a network install...
> > >
> > > At that first install time is when a second user id should be created....
> > 
> > Non-root users are creating doing firstboot, not during the install.  If
> > you aren't there to go through the firstboot process, you can't create any
> > users other than via root.
> > 
> > I don't recall off the top of my head what kickstart lets you do with
> > respect to user creation.  It is conceivable that using kickstart to do a
> > PXE install will leave a headless machine with no way to access it except
> > via a root ssh session.
> 
> Well, kickstart and/or the interactive install could tie you in to
> various network directories like NIS or something LDAP based to give you
> non-root users...
> 
> But, of course, kickstart could add a user in a myriad of ways to the
> local passwd/shadow/group files during the %post section like:
> useradd -p encryptedpassword username

I'm not quite sure I see the point of this unless it is a
checkbox item in someones theoretical 'best practices' list.
How much of an install can you do as someone other than root?

-- 
 Les Mikesell
   lesmikesell@xxxxxxxxx


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux