Minimal Install Option
Joe
joe at tmsusa.com
Thu Aug 21 18:00:15 UTC 2003
Chris Ricker wrote:
>On Thu, 21 Aug 2003, Pekka Savola wrote:
>
>
>
>>On Thu, 21 Aug 2003, Chris Ricker wrote:
>>
>>
>>>>I'm not sure you are disagreeing with me here. Are you saying don't
>>>>remote log in to a firewall at all, or are you agreeing with me?
>>>>
>>>>
>>>I'm disagreeing. The last thing a fw should do is run a service, let
>>>alone one with the security history of ssh.... Manage over serial.
>>>
>>>
>>Disagree. Set your access controls in /etc/hosts.allow for sshd and you're
>>done :-)
>>
>>
>
>and then join the OpenSSL / OpenSSH exploit train.... No, thanks!
>
>This is all just proving my point, which was that no one can even agree
>on what a minimal machine should be.
>
>
>
"exploit train?" hmm, you don't seem to be quite up to speed on openssh
- I suppose you haven't heard about privelege separation etc? openssh is
just about the most secure connection method out there.
What do you propose for remote shell access, telnet?
Joe
More information about the fedora-test-list
mailing list