New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Further suggestion: absolutely do not whitelist
ssh-rsa
. We all use ed25519, ecdsa, etc. Don't fucking force ssh-rsaOr custom post install scripting support.
Cloud-init would be nice. But the friction is still high enough for many to not use it.
I think ssh key import would make sense especially for providers that already allow manual ssh key importing.
So many providers send insecure root passwords (like 10 characters, no symbols) via email, so I really doubt this will happen any time soon... One can dream though
That is indeed a major but sadly common idiocy. But are there really good and practically feasible alternatives?
Force people to provide a SSH key when they create a VPS from a template.
I usually install from ISO so it's not an issue for me personally, but I've seen people just use the insecure emailed root password forever, never changing it.
We usually don’t send any password, neither do we ask for one (process updated around year and half back).
Instead our welcome email tells new member to login to the control panel and create a new password.
Pretty simple, neat and effective
A good option, but one that isn't feasible with many customers who simply wouldn't know how to generate a key.
If someone doesn't know how to generate a key, and also doesn't know how to Google for instructions, they probably shouldn't be running an unmanaged server that's publicly accessible over the internet...
Absolutely full ACK - but they do.