On Mon, Jul 27, 2015 at 3:32 PM, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote: > On Mon, Jul 27, 2015 at 03:27:03PM -0600, Chris Murphy wrote: >> Firewalld needs to be easier to inform what networks are trusted, so >> that when I go to a cafe it automatically blocks (or drops) requests >> to ports 22, 445, 2049, etc. By default. Without asking me. Just do it >> because I have no good reason having those available when I'm in a >> cafe. And if I do, I'll trust the network. > > Here, we definitely agree. > >> When enabling sshd in the GUI, it should use AllowUsers in sshd_config >> rather than allowing all users access. ClientAliveInterval probably > > I like this too, but editing sshd_config is more than a bit scary. Not the user, the GUI asks a service to do the editing COW style - write out a .new and once that succeeds, then rename current to old and new to current. -- Chris Murphy -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
