On Sun, Mar 14, 2010 at 11:51, Andy Smith <andy@???> wrote:
> 2) Don't use passwords at all, only keys.
> A lot of people have trouble setting up SSH keys and I would guess
> that very few customers have them before they get a VPS, so setting
> it up out of the box to require keys would be rather limiting. So
> that's (2) out.
Forbidding passwords at all would be rude, but SSH keys definitely
should be strongly promoted, and the best way is a good and visible
guide explaining the very basic principles and setup details.
Keys might be encouraged by key authenication to all services (panel,
nagios, etc). IIRC, steps towards this were announced, but I still
have to reset my password every time I need to log in there! I have no
passwords on my VPS and apparently no working password on console, and
I would like to stop caring about them at all.
After this is implemented, new customers may be offered two options:
— Do you want keys or passwords for auth?
— WTF keys?
—
http://bitfolk.com/keys.html
— Keys! Keys! Of course, keys!!!11111
— Kalan
