GNU bug report logs - #44808
Default to allowing password authentication on leaves users vulnerable

Previous Next

Package: guix;

Reported by: Christopher Lemmer Webber <cwebber <at> dustycloud.org>

Date: Sun, 22 Nov 2020 23:22:01 UTC

Severity: normal

Tags: security

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: Christopher Lemmer Webber <cwebber <at> dustycloud.org>, 44808 <at> debbugs.gnu.org
Subject: bug#44808: Default to allowing password authentication on leaves users vulnerable
Date: Sat, 05 Dec 2020 16:14:35 +0100

Hi!

Maxim Cournoyer <maxim.cournoyer <at> gmail.com> skribis:

>>> I'm on board with what you're proposing, and I think Guix should
>>> default to the more secure option, but I'm not sure that an 
>>> "average user" (whatever that means for Guix's demographic) would
>>> expect that password authentication is disabled by default.
>>
>> That's fair... I think that
>> "[ ] Password authentication? (insecure)"
>> would be sufficient as an option.  How do others feel?
>
> I'm +1 on disabling password access out of the box; especially since
> Guix System makes it easy to authorize SSH keys at installation time.
> We'd have to see if it breaks any of our system tests, but I doubt so.

Agreed.  There are several ways to do that:

  1. Have the installer emit an ‘openssh-configuration’ that explicitly
     disables password authentication.

  2. Change the default value of the relevant field in
     <openssh-configuration>.

#2 is more thorough but also more risky: people could find themselves
locked out of their server after reconfiguration, though this could be
mitigated by a news entry.

Thoughts?

Ludo’.
This bug report was last modified 4 years and 123 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.