On 13/12/16 19:35, Dan Kegel wrote: > I'm very confused. You have SSO. You tell people to create an SSO > account to use the device. Yet SSO can't be used to log into the > system at the console. ??
SSH keys associated with the SSO account are pulled into the device, so you can SSH to it. We could enable console (as in keyboard-and-monitor-on-device) access too, if we want, that's what's open for discussion. There are lots of ways to do that, simplistically just by asking for a login password to be set during the device activation step that you saw. But the concern is that users will reuse an important password when doing so. We have 2-factor capabilities that might be useful. In general, I would say we are open to suggestion but mindful of the opportunity to raise the bar for device security. Also, we're mindful of the fact that these devices will not be used every day. So passwords that are unique to the device will easily be forgotten. All of that led us to the SSH approach that you see now. It's not a final position, those are just the things to think about in the discussion. Mark -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
