On 2014-06-26 12:18, Felix Miata wrote:
On 2014-06-26 11:53 (GMT+0200) Carlos E. R. composed:
Felix Miata wrote:
But you see, very few people install the telnet server. It has security implications and it was removed many years ago from the default install. People that install it must do it on purpose. This has the consequence that probably nobody tests it, even less as root. You can probably do it, but nobody is (normally) doing it, so very few people know how to activate it.
I tried the figuring out which one before. It makes me cross-eyed trying with the multitude of installations here. The need to forget each time is another one of those things I disagree with on principle.
Well, that is a very sensible default security measure. You may not want/need it, but that setting must not be disabled by the distribution defaults.
I'm spoiled by the simplicity of NFS, where all needs done to configure is provide an IP range on the server, and what needs doing between machines is easily done.
NFS is designed for a secured intranet, whereas ssh is designed for an insecure network, including Internet. In fact, some of us need an NFS with some features of ssh.
The other is to use a different IP for each of the multiboot installs.
That would never work here, too many installations on too many machines.
There is another possibility, which is replacing the signature identifiers on all those installs on the same machine, so that they match and the ssh client doesn't complain. It may be some of the *key files in /etc/ssh/, but I don't know which. Probably all these in /etc/ssh/sshd_config: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key
True, but it is a single click on the summary system install screen. I have a small cheat-sheet (in actual paper) of absolutely needed customizations I should do directly on installation, on that screen, and
Mine wouldn't fit on one letter sheet in a type size big enough for me to read. :-p I do the ones I remember from memory and scanning various categories, then taboo those I don't want out of the summary list.
That's the list of packages. Different thing.
I do them. Ticking the ssh one is in fact the easiest of all the modifications I do.
ISTR simply having it installed in a systemd world isn't sufficient. Life was oh so much simpler using chkconfig.
Not installing. On the summary screen during openSUSE DVD installation, a single screen, at the bottom there is a one click item to enable/disable the sshd server or not, and to open it on the firewall. A single click, very visible and simple to use. Click it, and it works out of the box on first boot. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)