SSH on by default? (Was: too many deamons by default - F7 test 2 live cd)
Alexander Boström
abo at kth.se
Tue Mar 20 09:46:41 UTC 2007
tis 2007-03-20 klockan 10:24 +0100 skrev Nicolas Mailhot:
> Disabling ssh is not a good solution, many people need it. However the
> default fedora ssh setup is woefully insecure
I think it can be off by default. To use it securely you should log in
locally and look at or replace the host key anyway, so you might as well
enable it at the same time. (But I guess people use SSH for
better-than-nothing security, rather than checking host keys.)
> At least ssh rate-limiting should be in the default firewall install.
That'll just delay the problem.
> Haven't we sat on this problem too long already ?
This I can agree with. :)
/abo
More information about the fedora-devel-list
mailing list