On Fri, Aug 03, 2001 at 12:46:10PM -0500, David Ehle wrote: > > Howdy all, > > Not debian specific, but this is the best batch of security minds I > have access too so I figured I'd see if this interests anyone. > > I need to set up some Xterminal replacemnets - linux boxes that will > mostly only be running netscape and ssh. > > They are going to be used for visiting staff/students/ect so they need a > guest account with a "bad" password.
Or, use kdm (instead of xdm). It lets you specify which users will be allowed to log in without typing their password. Thus, you leave the guest account with a strong password and don't tell it to anybody, but allow logins as guest from the console via kdm. (BTW, KDM is a decent replacement for XDM. It can launch whatever you want, not just kde.) This makes securing FTP, SSH, etc. a lot less worrisome. (you still might want to block the guest account out of a lot of stuff...) -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , ns.ca) "The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces!" -- Plautus, 200 BCE