Roman Drahtmueller:
As far as SSH packaging goes is there any reason to NOT split it up to client and server? It makes sense to me. Is there any compelling reason to NOT split it up?
I need a reason _for_ it in the first place. How about START_SSHD=no in /etc/rc.config, or rm /sbin/init.d/sshd /usr/sbin/sshd* /sbin/rcsshd ?
The secure shell daemon is ran at boot time per default intentionally. Reason: ssh is the only way to access a freshly installed machine remotely. We find that this makes sense. Roman.
Hi Roman, the question is if my system is safe from access from outside. If I configure ssh only to accept connections from my local network, fine. But isn't the default to accept all connections? If so, my box is vulnerable to bruteforce attacks via ssh. And only because I wanted the ssh client tools? (ok, one should use a properly configured firewall to catch things like that.) Peter