please deactivate services by default!

[Matthew Woehlke]

Chris Adams wrote:
> Once upon a time, Rahul Sundaram said:
>> No. sshd has always been disabled on the live cd since it doesn't have a 
>> root password.
> 
> Wouldn't it be better to have sshd configured to either:
> 
> - block root logins

This seems to be the default on some UNIX's (or, at least, it's true for 
some of the machines I work with, though it's possible that IT set it 
up). I'm indifferent; I might re-enable it (though, since I can su also, 
I might not), but I don't mind making this default.

> - block logins to accounts with no password

This is different from passphrase-less keys, right? If so I'd definitely 
vote for this. It doesn't need to be exclusive with disabling root 
login, though.

-- 
Matthew
Please do not quote my e-mail address unobfuscated in message bodies.
-- 
"You know what Microsoft's problem really is? They've lost the ability 
to feel ashamed." -- Pamela Jones (Groklaw)