Lars Müller wrote:
On Fri, Nov 20, 2009 at 12:17:46PM +0100, Per Jessen wrote:
Marcus Meissner wrote:
On Fri, Nov 20, 2009 at 11:28:14AM +0100, Per Jessen wrote:
It does seem pretty odd - why do I have to explicitly enable ssh during installation? In previous releases, sshd was always active. To anyone with more than one box, sshd is a must - to anyone with only one box, it doesn't do any harm.
On most users machines (I estimate 95%+), the firewall is enabled and the ssh port not open.
For them sshd running is useless and just costs startup time and resources.
Reasoning yes, but not very good, IMHO.
This is a very, very good reasoning. Marcus with his 95% was conservative.
And:
a) for those of us upgrading from older SUSE products _nothing_, NULL, zero changes. An upgrade doesn't touch the state of a service.
b) this change was documented and is easy to reverts.
service sshd start chkconfig -a sshd
Or simply use YaST. One time and you're done and are happy again.
While the majority of the SUSE users might be happy without to know about. :)
(There is currently no text in this page)
@Per please make my day and document it. ;)
I think it's quite interesting (read: silly) to do such "optimizations" on one end of the spectrum (single-user PC)
This is not about "single-user". This is about a reasonable default for the current time. Five years ago we've not seen such distributed brute force ssh attacks.
when we do e.g. LVM and RAID improvements (something the single-user most probably has little or no need for) on the other end. Is openSUSE slowly developing a severe schizophrenia?
A lot of the features are developed for the SUSE Linux Enterprise products. Should we keep them out of openSUSE to paint a nicer picture?
Lars
it was in the release notes ! -- Hans Krueger hanskrueger007@roadrunner.com registered Linux user 289023 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org