[App_rpt-users] What is the "debian" user in the DIAL distro?
szingman at msgstor.com
Thu May 11 12:42:38 EDT 2017
I agree that things need to be tightened up. Now that the mandate has
changed, those things are changing. I would welcome someone taking on
the guidance in system administration piece of the puzzle.
73, Steve N4IRS
On 5/11/2017 12:35 PM, Thor Wiegman wrote:
> You're not the first person I'm aware of to have this type of
> problem. AllStarLink nodes are an easy target to become bitcoin
> miners and members of botnets. Most people installing these nodes
> don't know the basics of Linux system administration and the defaults
> aren't even remotely secure.
> Not only should that "debian" user be deleted, the appropriate changes
> to SSH need to be made to prevent the superuser "root" from logging in
> remotely. That is one of the first things that everyone needs to be
> change after installation of a DIAL system, not sure why it's even
> allowed by default.
> I've noticed that a lot of node ops tend to login as root and execute
> commands as the root user. Crazy! It's an extremely dangerous and
> insecure thing to do, but people new to Linux don't know any better.
> It would be nice if the default installation were setup in such a way
> that prevented or discouraged login by the superuser. It's odd that
> sudo doesn't appear to be installed by default. Would be very nice if
> the installation script prompted for the creation of a user account
> with proper permissions in much the same way as standard distros do.
> Not perfect, but it's a start.
> Most of these systems are being run by people who are new to Linux.
> They don't know about Linux/Unix system administration and nobody is
> "elmering" them in it. The result is people taking dangerous
> shortcuts and developing bad habits. The community would benefit from
> some guidance in system administration as well as from some improved
> defaults in the distro.
> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org
>> What is the "debian" user in the DIAL distro?
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> To unsubscribe from this list please visit
> and scroll down to the bottom of the page. Enter your email address
> and press the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email
> confirmation. If you have trouble unsubscribing, please send a message
> to the list detailing the problem.
More information about the App_rpt-users