Subject: bug#44808: Default to allowing password authentication on leaves users vulnerable
From: Christopher Lemmer Webber
To: Carlo Zancanaro
Cc: 44808@debbugs.gnu.org
Date: Mon, 23 Nov 2020 11:17:58 -0500
Message-ID: <87im9w2gjt.fsf@dustycloud.org>
In-Reply-To: <874klgybbs.fsf@zancanaro.id.au>
References: <878sat3rnn.fsf@dustycloud.org> <874klgybbs.fsf@zancanaro.id.au>
List-Id: Bug reports for GNU Guix (bug-guix@gnu.org)

Carlo Zancanaro writes:

> Hey Chris!
>
> On Mon, Nov 23 2020, Christopher Lemmer Webber wrote:
>> ... Plus, few distributions do what we're doing anymore, precisely
>> because of wanting to be secure by default.
>
> Is this true? Debian defaults to passwords being allowed. I think it
> even allows root login by default. At least, I have always had to add
> "PermitRootLogin no" and "PasswordAuthentication no" whenever I
> install openssh-server on Debian. Perhaps I'm wrong...

I had thought that the last time I installed a Debian server, password-based access was off by default. But I could be wrong.

> I'm on board with what you're proposing, and I think Guix should
> default to the more secure option, but I'm not sure that an
> "average user" (whatever that means for Guix's demographic) would
> expect that password authentication is disabled by default.

That's fair... I think that "[ ] Password authentication? (insecure)" would be sufficient as an option.

How do others feel?
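An added example, not code from this thread or from the Guix source tree, showing the two `openssh-service-type` declarations the discussion is about: the permissive setting the current default amounts to, beside the key-only setting the reporter wants Guix to default to. Field names follow `openssh-configuration` as documented in the Guix manual; the user name "alice" and the public-key path are placeholders.

```scheme
;; Added example (not from the bug thread or Guix itself).
;; Both values are meant for the `services' field of an operating-system record.
(use-modules (gnu)
             (gnu services ssh))

;; 1. What today's default produces: every account accepts password logins,
;;    so a reachable host is exposed to online password guessing from the
;;    moment sshd starts.  Spelled out here only to make the default visible.
(define permissive-sshd
  (service openssh-service-type
           (openssh-configuration
            (password-authentication? #t))))   ; current Guix default

;; 2. The "secure by default" posture asked for in the bug: the equivalent of
;;    "PermitRootLogin no" and "PasswordAuthentication no", with the user's
;;    public key provisioned by the system configuration itself so that
;;    turning passwords off cannot lock the administrator out.
;;    "alice" and the key file path are placeholders.
(define hardened-sshd
  (service openssh-service-type
           (openssh-configuration
            (permit-root-login #f)             ; PermitRootLogin no
            (password-authentication? #f)      ; PasswordAuthentication no
            (public-key-authentication? #t)    ; keys remain the login path
            (authorized-keys
             `(("alice" ,(local-file "/path/to/alice.pub")))))))

;; Use as: (services (cons hardened-sshd %base-services))
```

After `guix system reconfigure`, `sudo sshd -T | grep -iE 'passwordauthentication|permitrootlogin'` prints the values sshd actually applies, which is the check to run before closing an existing session.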