FC3 vs. Windows 2000
STYMA, ROBERT E (ROBERT)
stymar at lucent.com
Mon Feb 14 14:25:19 UTC 2005
>
> Not really what you asked but.. if the question includes the
> word hosts.allow
> the answer just has to be no... :-) set something up with ssh
> (ssh-keygen and
> then copy over the public key) - but don't ever ever ever do
> a hosts.allow -
> you might as well just remove the password from the root account
> altogether...
>
> Peter.
>
Well, ssh has tcp wrappers builtin and makes use of /etc/hosts.allow and
/etc/hosts.deny. A common use is to set hosts.deny to "ALL: ALL" Then
only the protcols and ip addresses/subnets specified in hosts.allow are
allowed in. I think you may be thinking of the .rhosts file which has
some serious issues. I tend not to use the ssh-keygen and also have root
access via ssh disabled. This way you have to use a normal user login and
password and then SU. Fortunately, X displayback still works when you do
this. The ssh-keygen does have some interesting uses.
I appreciate all the input. I think I am going to build Tom an FC3 machine.
If it does not work out for him, I can always restage it. If he can stay
alive for 4 more days, he will be out of Iraq and about a month after that
he should be back home.
I have been pushing Fedora on my non-tech friends as I believe it has gotten
to the point of being a useful desktop for the non-technically adept. I built
an FC1 machine for a family where AIM was the most used application. The girls
all like the Fedora machine the better than the windows boxes. Gaim works well
for them and the machine never freezes and stays online (except when the cat
managed to pull the RJ45 out of the back of the box).
Thanks again.
More information about the fedora-list
mailing list