On Thu, Oct 6, 2016 at 8:24 AM, Stephen Gallagher <sgallagh(a)redhat.com> wrote:
> We haven't come up with a way that disabling remote root login isn't a huge
> burden on bootstrapping a new deployment.
I think there's one, and it's really quite simple and elegant I think.
First, we remove (or make very non-obvious) the ability to set a root
password in the Anaconda GUI, and force the creation of an
administrative user. Then to further bootstrap the machine, you MUST
log in with that user and use sudo. Ansible natively supports this
(using 'become') and Cockpit also supports login by such a user.
Of course, users that needed the ability to set a root password for
whatever reason could do so via kickstart.