[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SSH on by default? (Was: too many deamons by default - F7 test 2 live cd)

On 3/21/07, Alexander Boström <abo kth se> wrote:
ons 2007-03-21 klockan 15:02 -0400 skrev Jon Masters:

> IMO, yes. There are few times where I'll argue for services on by
> default but SSH is one of those fundamental services that one expects to
> have, pretty much on any box where an ssh server is installed. And yes,
> I'd argue that even applies to desktop/laptop users :-)


I sigh right along with you, I seem to remember bringing up having
root logins on by default pre FC6 - FC6 shipped with root logins on by

I just really doubt there's any reasonable way to prevent bad passwords
from being exploited.

Fedora could at _least_ ship with DenyHosts (or similar) in by default as well

So it will happen, and that's just not acceptable.
Zombie machines, running Fedora? Come on, we're supposed to be better
than that! It's really bad and and it's also bad PR.

I agree

Perhaps forcing people to use good passwords would be possible, but I
doubt it.

That's how things were in FC1 and FC2, for some reason, the password
strength alerts were removed in prior versions.

I helped a guy install Fedora once, over AIM chat where I didn't
actually have any control over the machine... I had to point out to him
very explicitly that if he doesn't turn off sshd it'll give him trouble.
(Including explaining to him that why it's bad if someone guesses his
password and gets access to his machine, it wasn't entirely obvious to
him.) I think he got the point and managed to type the right commands to
disable it though.


Why didn't you point him to system-config-services?

Along the lines of passwords, I had firstboot (or was it Anaconda) die
before allowing me to create a regular user, but that's off topic I

Fedora Core 6 and proud

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]