SSHd
Matthias Saou
thias at spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net
Mon Aug 21 19:35:14 UTC 2006
Jeremy Katz wrote :
> On Mon, 2006-08-21 at 13:44 -0400, seth vidal wrote:
> > On Mon, 2006-08-21 at 13:14 -0400, Bill Nottingham wrote:
> > > It's just that realistically, changing this would essentially mean
> > > "any headless machine will not be able to be logged into without kickstart
> > > machinations". I don't think that's an improvement.
> >
> > This is, in fact, the point.
> >
> > Think of it this way:
> >
> > - httpd defaults to off when it is installed
> > - should we have it on b/c if you can't get to the shell then you
> > can't turn it on?
>
> One difference is that httpd doesn't provide what could well be "the
> shell"...
Nor does it provide any kind of useful service before any further
configuration is made or files put into place. OTOH, sshd as root right
after install is what I consider a useful service. From there, everyone
is free to harden the access as they wish.
Matthias
--
Clean custom Red Hat Linux rpm packages : http://freshrpms.net/
Fedora Core release 5.91 (FC6 Test2) - Linux kernel 2.6.17-1.2532.fc6
Load : 2.34 2.13 1.30
More information about the fedora-devel-list
mailing list