mattdm at mattdm.org
Tue Aug 22 15:09:35 UTC 2006
On Tue, Aug 22, 2006 at 03:49:31PM +0200, Tomas Mraz wrote:
> > Sure. All I'm saying is that if you do a VNC headless install in the
> > way the documentation suggests, you are left with a machine you cannot
> > access at all. This seems wrong.
> What about my proposal in the bug report? We would leave the sshd port
> open in firewall only before the s-c-securitylevel is run in firstboot.
> As soon as it was run the default in the s-c-securitylevel would be sshd
> port closed so simply clicking OK would close the sshd port.
My instinct is that this seems inconsistent. If you go this route, something
somewhere next to the checkboxes should mention that the discrepancy is
intentional. But further, I don't think relying on iptables is the solution
here -- that just papers over the issue.
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the devel