[bind10-dev] Initial authentication setup
Shane Kerr
shane at isc.org
Thu Jan 17 18:17:48 UTC 2013
All,
On Wednesday, 2013-01-09 17:21:03 +0100,
Shane Kerr <shane at isc.org> wrote:
>
> Perhaps we should no longer ship a default account?
>
> We could have bindctl report something if this has not yet been done:
>
> $ bindctl
> Please configure a user account using the b10-cmdctl-usermgr program
>
> This would require a change in the startup of bindctl to connect to
> the server before asking for user/password - but that's probably a
> good idea anyway. It would also require the cmdctl recognize that
> there are no users and report that via our RESTful API, but these
> seem simple changes.
>
> Even without that change, we should probably still disable the default
> account. Having default logins is a sure recipe for hacked systems. :(
Since there's no feedback, I assume that this is another brilliant idea
from me and that everyone agrees. I'll go ahead and make a ticket for
the backlog!
--
Shane
More information about the bind10-dev
mailing list