Mailinglist Archive: opensuse (2525 mails)

< Previous Next >
Re: [opensuse] 11.2 - what was the reasoning behind disabling sshd by default?
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Fri, 20 Nov 2009 17:05:50 +0100
  • Message-id: <he6eou$omv$1@xxxxxxxxxxxxxxxx>
Lars Müller wrote:

I think it's quite interesting (read: silly) to do such
"optimizations" on one end of the spectrum (single-user PC)

This is not about "single-user". This is about a reasonable default
for the current time. Five years ago we've not seen such distributed
brute force ssh attacks.

A system not running sshd by default must be primarily intended for an
environment where no remote access is required, typically a
single-user/-PC environment.
I would have opted to close port 22 for external access instead.

when we do e.g. LVM and
RAID improvements (something the single-user most probably has little
or no need for) on the other end. Is openSUSE slowly developing a
severe schizophrenia?

A lot of the features are developed for the SUSE Linux Enterprise
products. Should we keep them out of openSUSE to paint a nicer
picture?

No, that's not what I was suggesting - it's just weird to compare
features such as these:

1) turning off sshd by default is likely to annoy Peter Admin and be
ignored by Joe User.
2) adding nice RAID or LVM improvements might please Peter, but will be
ignored by Joe.

AFAICT, the change to disable sshd has not really achieved an awful lot,
except annoy Peter Admin. If you ask me for a suggestion, I would say
let's not p... off Peter Admin when trying to please Joe User.


/Per

--
Per Jessen, Zürich (9.9°C)

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >