14 Mar
2010
14 Mar
'10
11:46 a.m.
On Sun, Mar 14, 2010 at 11:35:42AM +0000, Andy Smith wrote:
Hi Kalan,
And even those of us that should know better don't always follow
the advice... <cough>
Hugo.
--
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
--- Well, sir, the floor is yours. But remember, the ---
roof is ours!
Forbidding passwords at all would be rude, but
SSH keys definitely
should be strongly promoted, and the best way is a good and visible
guide explaining the very basic principles and setup details.
The thing about good and visible guides..
Okay, here's a template for the provisioning email:
http://pastie.org/private/qylguieq4zvm7i9sht17w
It hasn't really changed in the last 2 years, You may notice a
subtle yet repeated bit of advice in there.
Maybe it's too subtle, because it didn't really do anything to
decrease the number of support requests to reset console password. I
had to implement email reset instead. It seemed easier than visiting
people in person to etch it on the inside of their eyelids.