1
edit
Changes
Created page with '== Password Management == By default this mix is pretty strict about passwords: * it is very keen on eliminating poor suggestions - I find that most of them won't be acceptable …'
== Password Management ==
By default this mix is pretty strict about passwords:
* it is very keen on eliminating poor suggestions - I find that most of them won't be acceptable
* it won't let you choose a new password more than three times before abandoning the attempt - you must be on-the-ball to spot when you have been successful otherwise you might get very confused
* once successful it will only let you use the same password for a fixed amount of time
Unfortunately, if you don't use a network connection the remix won't know the time. This means that it will, very often, decide that you need to change your password.
Naturally the password system (PAM) won't let you use the same password twice in succession, so you will need to choose at least two acceptable passwords to use the system for any time.
I think it would be very useful to put information about how you change the password usage policy on this page.... just so that a new Raspberry Pi user can maintain sanity.
== Root Access ==
/etc/sudoers is set up so that, logging on as a non-root user does won't let you use sudo. Most of the things you might want to do initially need root access. Every request for a new password is an opportunity for PAM to ask you to update your password and (noted above) this can be tedious. It might be worthwhile either to:
* advise that users always log on as root
* advise how to update /etc/sudoers to allow the user to use sudo ... probably without a password
[... as a former computer security consultant these suggestions are not easy for me to make, but I do feel that the system is verging on unsuable without some modification. Perhaps it would be sufficient to eliminate the time-dependency on password changes from PAM?]
By default this mix is pretty strict about passwords:
* it is very keen on eliminating poor suggestions - I find that most of them won't be acceptable
* it won't let you choose a new password more than three times before abandoning the attempt - you must be on-the-ball to spot when you have been successful otherwise you might get very confused
* once successful it will only let you use the same password for a fixed amount of time
Unfortunately, if you don't use a network connection the remix won't know the time. This means that it will, very often, decide that you need to change your password.
Naturally the password system (PAM) won't let you use the same password twice in succession, so you will need to choose at least two acceptable passwords to use the system for any time.
I think it would be very useful to put information about how you change the password usage policy on this page.... just so that a new Raspberry Pi user can maintain sanity.
== Root Access ==
/etc/sudoers is set up so that, logging on as a non-root user does won't let you use sudo. Most of the things you might want to do initially need root access. Every request for a new password is an opportunity for PAM to ask you to update your password and (noted above) this can be tedious. It might be worthwhile either to:
* advise that users always log on as root
* advise how to update /etc/sudoers to allow the user to use sudo ... probably without a password
[... as a former computer security consultant these suggestions are not easy for me to make, but I do feel that the system is verging on unsuable without some modification. Perhaps it would be sufficient to eliminate the time-dependency on password changes from PAM?]