Re: SSH on by default? (Was: too many deamons by default - F7 test 2 live cd)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tomas Mraz wrote:
On Wed, 2007-03-21 at 20:42 +0100, Thomas M Steenholdt wrote:

I agree that compromising a user account is still bad. But not nearly as bad as root access (if one must choose), but if root access through ssh is disabled by default, attack scripts would have to *guess* a user to bruteforce and can't rely on bruteforcing "root" who exists on every *nix system. So this would allow immediate ssh access to admins (ssh as user and su -) to newly installed machines. Admin is free to remotely log in, install public keys and reconfigure sshd as he sees fit, but he's allowed to do it from his administrative workstation instead of the physical machine console. This makes a lot of sense in my world.

Except the regular users are created in firstboot which might be
inaccessible when the system is installed remotely.


Perhaps this could be changed, if need be.

/Thomas

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux