On Fri, Jan 29, 2016 at 04:36:58PM -0500, Antoine Beaupré wrote: > So this definitely need coordination with the openssh maintainers at > this point, to at least confirm or infirm the "usability over security" > decision that happened all that while ago.
I did that recently, and came to the conclusion that the upstream default isn't just unusable, it's laughably unusable: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765632#41 debian-devel wasn't unanimous, but those people who responded from desktop development communities (Josselin) indicated that there was negligible interest in doing anything about this. So no, unless the latter state of affairs changes I am not going to change this. Sorry. A different solution must be found. > It seems unreasonable to expose users to such a security issue just > for the convenience of some setups that could easily be fixed. Fine words, and you're not the first to utter them; but they need to be backed up with action in graphical toolkits, and such action has not been in evidence for a decade or more. -- Colin Watson [cjwat...@debian.org]
