TurnKey Linux Virtual Appliance Library

Discussion about "Powered by Turnkey Linux" led to thoughts of other defaults in ap setups.

L. Arnold's picture

I like having the TKL Footer though I do sometimes consider it a secu. rsk.  What would seem ideal would be to have some controls inserted into various of the Clients admin pages to change the TKL Footer etc..  Probably is when I think of it, but still.

But here is my main thought.  I think it would be worth adding a few more security loops that help admins to control their key rings.  For instance, rather than just assigning passwords to specific user names, it would seem good to allow assigning/or reassigning user names themselves.

Other controls that would have merit would be reassigning things like "admin urls" so that it is more difficult for hackers to even try to get into an appliance.

Finally, all such methods need to work well with TKLBAM, which I am sure makes a strong argument for using default user names and admin urls.

I have, and do consider, renaming different of these variables and I need to test some.  What I worry most about though is not being able to get back in after First Intall then TKLBAM Restores.  What gets swapped and what are the dangers in changing too much.  I definitely want to be able to more comfortably change passwords once and a while.

Liraz Siri's picture

TurnKey is fully customizable

TurnKey is fully customizable so you can of course change default paths and usernames to anything you want, just like you could with any other Linux installation.

The question is whether it makes sense to add some security (some would say security by obscurity) by making it easier to change various variables at the expense of adding complexity to the installation process and increasing the amount of testing that needs to be done.

In this case I think the benefit to security wouldn't be enough to warrant the additional complexity out of the box. Complexity is a currency you only want to pay out when necessity forces it on you rather than something that is just nice to have.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)