| From: | "Thomas E. Spanjaard" <tgen@xxxxxxxxxxxxx> |
| Date: | Sun, 15 Nov 2009 20:08:01 +0000 |
Simon 'corecode' Schubert wrote: > justin@shiningsilence.com wrote: >> Would it be worth changing the new user creation process to autocreate >> keys too? I'm trying to think of ways to reduce the (admittedly already >> small) administrative overhead from this. I don't think it's unlikely for people to want to share keys between hosts, and you still need to have a pubkey from $other_host in you authorized_keys file. > I think not allowing password-based logins will confuse a lot of people. > I don't think that even OpenBSD does this. > > Maybe we should allow users to easily > > 1. enable OPIE (one time passwords) and > 2. disable passwords for ssh > > but best not make this a default. I'm for point 2, but ambivalent about point 1. Cheers, -- Thomas E. Spanjaard tgen@netphreax.net tgen@deepbone.net
Attachment:
signature.asc
Description: OpenPGP digital signature