Allen wrote:
You're on a SUSE list standing up for OpenBSD.
So what? There's absolutely nothing wrong with that.
Very true! Infact it's possibly a bad idea to "stick all of your eggs in one basket" and have a 100% homogenous OS environment. For example, even though we're migrating all of our servers to SuSE SLES, it might be a good idea to have our Firewall running [open|net]BSD. Why?? Whats wrong with a SLES firewall?? Well if there *did* ever happened to be an exploit that affected the Linux TCP/IP stack, then people might (possibly) be able run rampant across your network! However if you had a different OS for your firewall, then that would add an extra layer of network security. Possibly. Who knows!
If you like it so much tell them on their list.
Hell, maybe *BSD is more secure by default. SLES 9's default sshd_config isn't ideal, that's for sure! (I think it had "PasswordAuthentication no" but then it also had "UsePAM yes" as well... which OVERRIDES the first setting!!! End result... it still allows PasswordAuthentication unless you reconfigure PAM or set it to "UsePAM no"!). SuSE is great. *BSD's are all great. None of them are perfect, so there's no harm in comparing them. Cheers Mike