Druid wrote:
On Fri, Mar 28, 2008 at 1:37 PM, Per Jessen
wrote: Druid wrote:
Having thought a litle more about it, I definitely vote yes - that change would have only negligible effect for any server-install users, whereas it would not create additional work for desktop-only/mostly newbies with a better default setting.
What exactly is "better" about not starting sshd by default?
Erm, the same thing that is better not having any remote service opened by default? The fact that it could have a vulnerability that could lead to a successful attack?
Doesn't seem to have been much of a problem in the last few years, has it? Also, ssh only becomes vulnerable to an attack when you open the port in the firewall. Even then there is probably still a rate-check to stop brute force attacks.
Its pretty clear why not having a service running by default (specially those offering it to the outside world) is better than the opposite, if you dont see that possibly you just don't want to see.
If that argument was correct, we should let the user run the init-sequence manually.
Now you want to convince everyone that everybody ssh to their own boxes running sshd all the time,
No, I don't. I just don't think it's good idea to change the current setup when the change doesn't bring about an improvement.
and that this is the default usecase around the planet, just because you dont want to run "insserv sshd" once, and additionally its better to change the Earth's rotation instead of you typing those 13 keystrokes (including the enter) so you activate your sshd.
You're not listening. I'm NOT advocating any change. You're the one who wants a change. /Per Jessen, Zürich --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org