Summary of password strength discussion
Chris Murphy
lists at colorremedies.com
Mon Jul 27 21:49:55 UTC 2015
On Mon, Jul 27, 2015 at 3:32 PM, Matthew Miller
<mattdm at fedoraproject.org> wrote:
> On Mon, Jul 27, 2015 at 03:27:03PM -0600, Chris Murphy wrote:
>> Firewalld needs to be easier to inform what networks are trusted, so
>> that when I go to a cafe it automatically blocks (or drops) requests
>> to ports 22, 445, 2049, etc. By default. Without asking me. Just do it
>> because I have no good reason having those available when I'm in a
>> cafe. And if I do, I'll trust the network.
>
> Here, we definitely agree.
>
>> When enabling sshd in the GUI, it should use AllowUsers in sshd_config
>> rather than allowing all users access. ClientAliveInterval probably
>
> I like this too, but editing sshd_config is more than a bit scary.
Not the user, the GUI asks a service to do the editing COW style -
write out a .new and once that succeeds, then rename current to old
and new to current.
--
Chris Murphy
More information about the desktop
mailing list