Jochen Hein wrote: > [This is with the old boot-floppies, can't see if it is fixed. > Changelog says: > "- s390: don't modify etc/passwd on the initrd any longer"]
This has not been changed in the current boot-flopppies, the modification to /etc/passwd is not necessary any longer because /bin/login is a custon program that just spawns a shell. We save over 300 KB this way because we can remove PAM from the initial RAM disk. > After that, you telnet into the box and the first session starts the > rest of the install. Any other connect gives a root prompt without > asking for a password - so any user in your net may drop into the > system and screw up your installation. I don't think asking for a password is more secure. Your tn3270 and telnet sessions are not encrypted so everybody on the net can sniff your password. IMHO setting a password only gives the false impresseion of a secure installation. > Caiman asks for a new password and start inetd only after stat. I > think, that should be how it is done. This means that we will have to add PAM again, making the initrd larger. Once ssh moves from non-US to main we might include it together with PAM into the initial RAM disk. This way your first connection can be encrypted and the password will not be transmitted in clear text when it's set in base-config. -- Stefan Gybas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
