inbound SSH allowed for default install of Fedora Workstation?
Chuck Anderson
cra at WPI.EDU
Sat Aug 23 15:05:26 UTC 2014
On Sat, Aug 23, 2014 at 09:52:11AM -0500, Michael Catanzaro wrote:
> Our understanding is that client and server development WILL work out of
> the box, unlike F20. The goal is that very few users ever need to
> configure the firewall. Our configuration can be seen at [1] and it
> looks sufficiently permissive to me. (Is there something else we need to
> address?) Whereas in F20 I spent much frustrating time trying to figure
> out why my network programs worked on other Linuxes but not Fedora, in
> F21 everything should just work, unless you're trying to use a system
> port. I frankly cannot think of any reason I would ever want to open
> firewall-config.
>
> Michael
>
> [1]
> http://pkgs.fedoraproject.org/cgit/firewalld.git/tree/FedoraWorkstation.xml
Why is SSH in this list? Is it a common thing for a developer,
student, or hobbyist to want to connect back INTO their workstation
from a remote location? If so, is it common that they'd want a CLI
session vs. a full graphical session (Remote Desktop)?
I don't think it is obvious to some of these audiences that the local
account login password also allows remote access. I see people set a
simple password for a "throwaway" or "test" laptop for example, but
unfortunately this exposes them to being hacked via SSH.
Or is the SSH service shipped turned off by default in Fedora
Workstation?
More information about the desktop
mailing list