On Sun, 18 Jun 2023 20:07:35 +0200 "Carlos E. R." <robin.listas@telefonica.net> wrote:
It is a problem when installing remotely, for those that forget to read that detail. The have no access to the newly installed machine.
Is it possible for the installer to detect that it is a remote installation? If so, then perhaps there's an obvious solution. Default to closed for local installations and default to open for a remote installation, but somehow ensure some sort of authorisation is required to be set up. If it's not possible to determine a remote installation (which I suspect is unlikely, but ...) then I'd suggest making it default to closed always, and giving a clear prompt to be confirmed. A person doing a remote installation is unlikely to make the same mistake twice! Thinking about security has moved on since the last decision was made I suspect. What was raspbian has had a fairly neat solution for years.