GNU bug report logs - #44808
Default to allowing password authentication on leaves users vulnerable

Previous Next

Package: guix;

Reported by: Christopher Lemmer Webber <cwebber <at> dustycloud.org>

Date: Sun, 22 Nov 2020 23:22:01 UTC

Severity: normal

Tags: security

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: 44808 <at> debbugs.gnu.org
Subject: bug#44808: Default to allowing password authentication on leaves users vulnerable
Date: Thu, 11 Feb 2021 15:36:17 -0500

On Thu, Feb 11, 2021 at 07:46:51AM +0000, raid5atemyhomework via Bug reports for GNU Guix wrote:
> Hi guix users,
> 
> It strikes me that a better course of action here would be, rather than providing a warning that might not be noticed by the user, to remove the default and force people to explicitly put `password-authentication? #t` or `password-authentication? #f`.

I like this idea.

> 
> That way if I have set up a headless server (possibly having a temporary keyboard/mouse/monitor during initial install, then forever logging in afterwards over intranet using my super secret password "raid5isnotagooddog"), with an existing `configuration.scm` that does not explicitly give the setting, I cannot accidentally lose access to my headless server by doing a random `guix pull && sudo guix system reconfigure configuration.scm` without noticing the warning.
> 
> Especially since there exists an `unattended-upgrades-service-type` which automates this `guix pull && sudo guix system reconfigure configuration.scm`, which makes changing this default ***VERY DANGEROUS*** in this use-case.  I'd rather I noticeably error out in this case.

I agree, changing the default will cause problems, and I'm not convinced
it's a serious problem that warrants changing anyways.
This bug report was last modified 4 years and 122 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.