Mailinglist Archive: opensuse-factory (626 mails)
| < Previous | Next > |
Re: Ad: [opensuse-factory] request for comments: disable ssh daemon by default
- From: "Andreas van dem Helge" <joakimsen@xxxxxxxxx>
- Date: Fri, 28 Mar 2008 14:04:58 -0400
- Message-id: <23fd749a0803281104n6b23ae5pa42036a4cf855fbb@xxxxxxxxxxxxxx>
I think its a valid argument that most users of desktop systems do not
use this feature, and I do agree it does pose a minimal security
threat especially with the poor passwords most users select (but if
you are worried about the RAM that SSHd takes up then your system
doesn't have enough RAM :)
How about for default KDE/Gnome install it is disabled but if you
select the "servers" option in setup it is enabled?
Or why not make it just like the firewall setting (which I never
use... always disable) it just lets the user pick if they want SSHd
running or not.
On Fri, Mar 28, 2008 at 1:23 PM, <birger.kollstrand@xxxxxxxxxxxxxx> wrote:
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
use this feature, and I do agree it does pose a minimal security
threat especially with the poor passwords most users select (but if
you are worried about the RAM that SSHd takes up then your system
doesn't have enough RAM :)
How about for default KDE/Gnome install it is disabled but if you
select the "servers" option in setup it is enabled?
Or why not make it just like the firewall setting (which I never
use... always disable) it just lets the user pick if they want SSHd
running or not.
On Fri, Mar 28, 2008 at 1:23 PM, <birger.kollstrand@xxxxxxxxxxxxxx> wrote:
2008/3/28, Marcus Meissner <meissner@xxxxxxx>:---------------------------------------------------------------------
> Hi,
>
> We are thinking about disabling the ssh daemon by default.
>
> Reason is that it most desktop users do not use it all
> and it is just taking away memory for those, and also
> presenting an attack surface once the firewall is disabled.
>
> Also its is blocked by the firewall from remote by default.
>
> Reenabling it would be as simble as:
>
> insserv sshd
> rcsshd start
>
> We are still undecided whether to do so or not.
>
> Ciao, Marcus
> --
> Working, but not speaking, for the following german company:
> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
> For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
Please , do not change this.
In engineering environments ssh is used all the time. In our company
it's essential in several manners. We use it for user/server support,
remote login, fish:// files from other machines and we also use the NX
desktop solution extensively.
So , please. Do not change this for the sake of a few newbies. It does
not bother them that it is there, but it certainly would bother us if
it's not there.
Kind Regards
Birger Kollstrand
Devoteam Telecom AS
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |