On Fri, Jan 22, 2010 at 08:26:58PM -0000, Lars Noodén wrote: > "The default Ubuntu Server install does *not* have openssh-server > installed." > > Ok, then that's a separate bug needing a separate bug report. >
As outlined on the Security Team policies [1] No Open Ports Default installations of Ubuntu must have no listening network services after initial install. Exceptions to this rule include network infrastructure services such as the DHCP client and mDNS (Avahi/ZeroConf, see ZeroConfPolicySpec for implementation details and justification). When installing Ubuntu Server, the administrator can, of course, select specific services to install beyond the defaults (e.g. Apache). [1]: https://wiki.ubuntu.com/SecurityTeam/Policies So there is no need to open a new bug report about this. If you want to discuss this policy I'd recommend to send your proposal to the ubuntu-devel@ mailing list. A bug report is definitely not the best option to have your thoughts on that matter heard. > Nearly all installations of the openssh-server package, I am guessing > then, are on the Ubuntu Server or an alternate install tuned to be > rather like the Ubuntu Server. Is there a way of getting the popularity > contest data to examine package installation frequency and finding > groupings or clusters of daemons commonly installed together? > I don't think so. It's hard to measure what is installed and what is not. As consequence anyone's numbers are as accurate as anyone else's. > Mathias, did comment #2 answer your question about setting PermitRootLogin to > NO as default would improve the > default openssh-server installation? > Yes - thanks. -- Mathias Gug Ubuntu Developer http://www.ubuntu.com -- OpenSSH server sshd_config PermitRootLogin -> NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
