DSL Ideas and Suggestions :: Security - Features, or afterthought ?
Quote
DSL comes with the ability to change the password of the dsl and root user accounts on a hard drive installed system, so the tools are there if someone wants to use them.
Same with any frugal, pendrive, or liveCD system as well.
Simply add the "secure" option at boottime to your startup entry, or add this option to your lilo.conf/menu.list bootloader configs, and choose some strong passwords when prompted..
73 ke4ntke4nt1, thanks for bringing this up. I forgot about it but just started using it. My question is I am not sure how it works or what exactly it is doing. I realize that it sets passwords for dsl and root, but I am still able to sudo without the password. Sorry for my ignorance, I enjoy the bootcode, just more interested in it and couldnt seem to find much info on it.It can be helpful in many instances.. ssh server? ( ssh into your dsl box ) betaftp server? ( ftp access into your dsl box ) ..anywhere a password is needed to login as user dsl ..
I frequently see the opposite occuring in the forums, where someone is using the betaftp or ssh servers for the first time, and fail to connect, because they don't know the password. It's usually because they haven't created one yet.
Relating to this thread specifically.. If someone wants to use DSL for a base to build a public server, kiosk, ftp site, webserver, then in the interest of security, strong passwords are recommended to be used for all accounts.
73 ke4ntAs always, thanks for bringing me up to speed.
original here.