On Thu, Oct 6, 2016 at 8:24 AM, Stephen Gallagher sgallagh@redhat.com wrote:
> We haven't come up with a way that disabling remote root login isn't a huge burden on bootstrapping a new deployment.
I think there's one, and it's really quite simple and elegant I think.
First, we remove (or make very non-obvious) the ability to set a root password in the Anaconda GUI, and force the creation of an administrative user. Then to further bootstrap the machine, you MUST log in with that user and use sudo. Ansible natively supports this (using 'become') and Cockpit also supports login by such a user.
Of course, users that needed the ability to set a root password for whatever reason could do so via kickstart.
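
The bootstrap flow proposed above, sketched as an Ansible playbook. This is an added example and not part of the original message; the host group `new_hosts` and the user name `admin` are assumed names.

```yaml
# bootstrap.yml - constructed example; "new_hosts" and "admin" are assumed names.
# Run as: ansible-playbook -i inventory bootstrap.yml --ask-become-pass
- name: Bootstrap a fresh install without remote root login
  hosts: new_hosts
  remote_user: admin   # the administrative user created at install time
  become: true         # escalate with sudo instead of connecting as root
  tasks:
    - name: Refuse root logins over SSH
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?\s*PermitRootLogin\s'
        line: PermitRootLogin no
        # Reject the edit if the resulting file does not parse.
        validate: /usr/sbin/sshd -t -f %s
      notify: Reload sshd

  handlers:
    - name: Reload sshd
      ansible.builtin.service:
        name: sshd
        state: reloaded
```

sshd uses the first value it reads for each keyword, so a `PermitRootLogin` line in a file included earlier in `sshd_config` would take precedence over this one.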