On Tue 15 Mar 05, 11:13 AM, Bill Kendrick <[EMAIL PROTECTED]> said:
On Tue, Mar 15, 2005 at 10:46:15AM -0800, Jonathan Stickel wrote:
It bothers me that Fedora turns sshd on by default.
A naive user could set a silly root password, and they'll be cracked in a few hours.
Does it allow root to SSH in by default? (I've seen setups which specifically do /not/.)
Jonathan, I think this is overcautious.
There is no concept of absolute security. Security all about compromise: What inconveniences are you willing to suffer through in the name of keeping your system secure? That's the question we all ask, implicitly or explicitly.
Installing a daemon to allow remote login to your computer, I feel, falls well on the side of acceptable for most uses of a computer.
If you're installing a system that needs to be SO secure that an ssh daemon is undesirable, your kung-fu is probably good enough that you're well aware sshd got installed and you know how to disable it.
At that level, either your kung-fu is good enough of you hire a professional staff to take care of your IT.
Oh, I agree with you. Most of us want to have ssh ability. I'm thinking of all the newbies I help install linux for who have no idea that a remote login is even possible. Then they complain about having to use root all the time, and they change the root password to something silly, like "root". Then they get hacked through ssh and exclaim "I thought you said Linux was secure!"
I think that if you want ssh, you will know what it is and will know to enable it. It just occurred to me, though, that Fedora's firewall automatically blocks the ssh daemon. So Fedora is secure by default after all.
Jonathan _______________________________________________ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
