Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
RE: [suse-security] Allow MAC addresses through SuSEfirewall2
  • From: "Thomas Knight" <thomas.knight@xxxxxxxxxx>
  • Date: Sun, 6 Mar 2005 14:18:46 -0000
  • Message-id: <GMEBLBGHPCLIGOBCNNHNMELFCEAA.thomas.knight@xxxxxxxxxx>


> -----Original Message-----
> From: Carlos E. R. [mailto:robin1.listas@xxxxxxxxxx]
> Sent: 06 March 2005 01:33
> To: SuSE Security List
> Subject: RE: [suse-security] Allow MAC addresses through SuSEfirewall2
>
>
>
> The Saturday 2005-03-05 at 21:04 -0000, Thomas Knight wrote:
>
> > I'm with you about trusting the individuals not the machines.
> > Having said that I think they're the type to save passwords or
> > use PPK with no password :-(
> >
> > Tom.
>
> There are settings in Yast (profesional version) to force users to have
> "safer" passwords. I supposse the enterprise version has similar settings.
>
> Also, you could set up ssh to not accept login/password entry, but public
> key instead.

I'm with you there.
What I mean is if I use username/password they'll just save the password
somewhere.
If they use PPK they'll "forget" to specify a passphrase for their private
key, which is out of my control.

Hey, I'll log all access and they'll have limited privs. We do what we can!

Ta for the thoughts,

Tom.


< Previous Next >
Follow Ups
References