-----Original Message----- From: Carlos E. R. [mailto:robin1.listas@tiscali.es] Sent: 06 March 2005 01:33 To: SuSE Security List Subject: RE: [suse-security] Allow MAC addresses through SuSEfirewall2
The Saturday 2005-03-05 at 21:04 -0000, Thomas Knight wrote:
I'm with you about trusting the individuals not the machines. Having said that I think they're the type to save passwords or use PPK with no password :-(
Tom.
There are settings in Yast (profesional version) to force users to have "safer" passwords. I supposse the enterprise version has similar settings.
Also, you could set up ssh to not accept login/password entry, but public key instead.
I'm with you there. What I mean is if I use username/password they'll just save the password somewhere. If they use PPK they'll "forget" to specify a passphrase for their private key, which is out of my control. Hey, I'll log all access and they'll have limited privs. We do what we can! Ta for the thoughts, Tom.