>When accessing the terminal/tty, the default username and password is gamer. Because /etc is read-only, this password cannot be changed.

Oh noes! A little further down they say you can get it online using an Ethernet cable and a command. Let’s just hope its never able to be an ssh host. These kind of things scare me from a security standpoint. I feel like the users and /etc/passed should probably be writable so people can change the default to something not published online.

The SSH config seems to enable SSH but disable password authentication. I'm not sure what authentication that leaves open (I'm guessing ~/.ssh/authorized_keys) but gamer:gamer won't get you in over the ethernet by default at least.

It probably doesn’t belong to the group. Disabling password logins is good. That means ONLY authorized key auth is enabled or ldap/ad/domain. I should check out the sshd.conf before I talk out of my ass about what it should do…

It’s just one of those spidey-senses that goes off when there’s a default user, a read-only filesystem, and internet enabled *nix