On Sat, Nov 21, 2009 at 12:11:25PM +0000, G T Smith wrote: [ 8< ]
This are the first observations on the direction openSuSE seems to be taking that echoes a concern of mine. Although it vigorously denied there is increasing emphasis on the home user desktop and a benign neglect of other areas elsewhere, the end product seems to undermine that denial.
The change not to enable the openssh daemon with any new install doesn't say anything about the directions of the openSUSE project. It is a simple security design approach. As said many times before: the intention is to keep it simple stupid. And such design approaches are a moving target. They got modified over the years. No more telnet, no more plain passwords with the majority of services. For those of us using Linux for a long time this doesn't cause much of extra work. We're able to enable the service via YaST or might even use chkconfig -a ssh on the command line. From the networking setup summary it is one click at installation time. And please keep in mind: If you upgrade from openSUSE 11.1 to 11.2 the state of the service (enabled/disabled) is not changed. Therefore to me all this noise about ssh is much about nothing compared to the real issues, bugs and missing features we have. And while all had been able to complain and to offend none had been able to write something at http://en.opensuse.org/Ssh
I am personally not really interested in much of the multi-media and desktop 'bells and whistles', but more in having a developmental and research environment (with a bit of personal admin stuff). The tendency to force the user away from the 'gubbins' which makes things work in newer desktops is often more a hindrance than a help in this context. (Having to work out which process you need to temporarily kneecap to get the results one wants is a PITA).
Nobody is forced to anything. But as openSUSE, Fedora and Debian are Open Source projects they move on. This move includes the adoption of new concepts. The majority of the new stuff makes it much, much easier for new users. For example HAL/ConsoleKit/PolicyKit automatically grants permission to the user by adding appropriate ACL entries to a bunch of files (like /dev/snd/* and other device files) for local logins via console, gdm, kdm. But this is a conceptional change compared to how this had been done in the past. For the sound stuff we had been used to be in the audio group. New concepts aren't introduced cause they're new or provide companies a reason to sell a new product. These new approaches are used cause they're more flexible and allow a better, finer grained control what's allowed to which user or group for example.
I can see the both sides of the ssh/sshd argument. I think what we really need is probably a restore to the concept of a professional configuration for the technically literate and a basic user configuration for the M$ refugees and not so literate. Installing 11.1 from scratch when one you knew what you wanted was possible but unnecessarily time consuming
Which part of the installtion in 11.1 or 11.2 consumed more time than it was the case with 11.0? It was the intention to make the YaST installation workflow easier and less time consuming by providing as much as possible reasonable defaults while allowing the user to still modify configuration details on request.
(at this moment 11.2 looks like something I will skip). There are at least two different basic user groupings involved and they have different base line requirements.
There is no good reason to skip openSUSE 11.2. In particular all the noise about how the ssh service for a _new_ install is handled isn't a reason not to use openSUSE 11.2. I'm running it on five systems now and am very happy with all the features we've recently read about at this list. On the other hand openSUSE 11.1 is still fed with security fixes and the openSUSE Build Service provides a huge amount of prebuild packages in addition. It's your decision which route to follow. As it was dicussed and decided by the openSUSE community to disable the ssh service by default with a fresh install of openSUSE as quoted in an earlier mail. Additional action to get the ssh daemon started with openSUSE 11.2 is only required if you perform a fresh install. And this action is required _one_ time. One time spending ten seconds to enable this additional network service (while install or later from inside the system). Nothing compared to the time spent on this thread. ;) But I'm sure we'll see additional 50 replies on this topic. :) Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany