On 3/21/07, Alexander Boström <abo@xxxxxx> wrote:
ons 2007-03-21 klockan 15:02 -0400 skrev Jon Masters: > IMO, yes. There are few times where I'll argue for services on by > default but SSH is one of those fundamental services that one expects to > have, pretty much on any box where an ssh server is installed. And yes, > I'd argue that even applies to desktop/laptop users :-) *sighs*
I sigh right along with you, I seem to remember bringing up having root logins on by default pre FC6 - FC6 shipped with root logins on by default
I just really doubt there's any reasonable way to prevent bad passwords from being exploited.
Fedora could at _least_ ship with DenyHosts (or similar) in by default as well
So it will happen, and that's just not acceptable. Zombie machines, running Fedora? Come on, we're supposed to be better than that! It's really bad and and it's also bad PR.
I agree
Perhaps forcing people to use good passwords would be possible, but I doubt it.
That's how things were in FC1 and FC2, for some reason, the password strength alerts were removed in prior versions.
I helped a guy install Fedora once, over AIM chat where I didn't actually have any control over the machine... I had to point out to him very explicitly that if he doesn't turn off sshd it'll give him trouble. (Including explaining to him that why it's bad if someone guesses his password and gets access to his machine, it wasn't entirely obvious to him.) I think he got the point and managed to type the right commands to disable it though. /abo
Why didn't you point him to system-config-services? Along the lines of passwords, I had firstboot (or was it Anaconda) die before allowing me to create a regular user, but that's off topic I suppose -- Fedora Core 6 and proud -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
