Mailinglist Archive: opensuse-factory (626 mails)
| < Previous | Next > |
Re: [opensuse-factory] request for comments: disable ssh daemon by default
- From: Hans Witvliet <hwit@xxxxxxxxxxx>
- Date: Sat, 29 Mar 2008 00:33:52 +0100
- Message-id: <1206747232.7373.15.camel@xxxxxxxxxxxxxx>
On Sat, 2008-03-29 at 09:30 +1300, Volker Kuhlmann wrote:
If some people (i don't know any) think it is wise to turn off their
firewall, AND have by then an open exposure from Internet, THEY should
turn off their ssh-daemon.
Most desktop users i know of, are behind a dedicated firewall, either in
their dsl-modem or a "multi-purpose" firewall.
I would rather see a bunch of people with an idle ssh-daemon, than
people who need remote access starting the R-services again....
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
This is the case Markus wants to protect against. People turn off the
firewall for their desktops because it blocks too much LAN functionality
by default (mostly broadcasts about available services, at a guess).
With the default setting of password-login and the weak passwords on
desktops sshd becomes a BIG HOLE(TM) very quickly, and nothing to do
with coding errors.
If some people (i don't know any) think it is wise to turn off their
firewall, AND have by then an open exposure from Internet, THEY should
turn off their ssh-daemon.
Most desktop users i know of, are behind a dedicated firewall, either in
their dsl-modem or a "multi-purpose" firewall.
I would rather see a bunch of people with an idle ssh-daemon, than
people who need remote access starting the R-services again....
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |