Hi! Maxim Cournoyer skribis: >>> I'm on board with what you're proposing, and I think Guix should >>> default to the more secure option, but I'm not sure that an >>> "average user" (whatever that means for Guix's demographic) would >>> expect that password authentication is disabled by default. >> >> That's fair... I think that >> "[ ] Password authentication? (insecure)" >> would be sufficient as an option. How do others feel? > > I'm +1 on disabling password access out of the box; especially since > Guix System makes it easy to authorize SSH keys at installation time. > We'd have to see if it breaks any of our system tests, but I doubt so. Agreed. There are several ways to do that: 1. Have the installer emit an ‘openssh-configuration’ that explicitly disables password authentication. 2. Change the default value of the relevant field in . #2 is more thorough but also more risky: people could find themselves locked out of their server after reconfiguration, though this could be mitigated by a news entry. Thoughts? Ludo’.