Hi Chris, Christopher Lemmer Webber <cweb...@dustycloud.org> skribis:
> Ludovic Courtès writes: [...] >> Agreed. There are several ways to do that: >> >> 1. Have the installer emit an ‘openssh-configuration’ that explicitly >> disables password authentication. >> >> 2. Change the default value of the relevant field in >> <openssh-configuration>. >> >> #2 is more thorough but also more risky: people could find themselves >> locked out of their server after reconfiguration, though this could be >> mitigated by a news entry. >> >> Thoughts? >> >> Ludo’. > > We could also do a combination of the above, as a transitional plan: > do #1 for now, but try to advertise that in the future, the default will > be changing... please explicitly set password access to #t if you need > this! Then in the *following* release, change the default. > > This seems like a reasonable transition plan, kind of akin to a > deprecation process? Sounds like a plan. I went ahead and pushed aecd2a13cbd8301d0fdeafcacbf69e12cc3f6138 which does this. Thanks, Ludo’.
