[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] Safety of Allowing Access from Internet

Forgive the stupid question, but how dangerous is it to have a k12ltsp server visible from the internet? (A recent thread has made me wonder...)

I'm thinking of allowing ssh access (only) so that I could administer the machine from home and, if that goes well, maybe allowing the kids to access the machine to work from home, especially to backup their work from school.

Currently, this isn't allowed by the county's IT office, and getting it set up will involve much begging and pleading, preferably with some decent facts to back myself up. Given that no login names or passwords would be sent in clear text and the machine would have an IP address but no hostname, am I really opening myself up to major scariness?

On the same topic, the system tells people when they pick a bad password, but it will let them do it in spite of that. Is there a way to enforce good password selection using the system already in place? (I look over my kids' shoulders when they first create accounts and make them pick a good password, but there's nothing to stop them from changing them to something easy later.)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]