Schedule for Wednesday's FESCo Meeting (2012-10-10)
mattdm at fedoraproject.org
Thu Oct 11 02:28:21 UTC 2012
On Wed, Oct 10, 2012 at 08:21:02PM -0600, Kevin Fenzi wrote:
> > I think turning off sshd by default but having a preset to turn it on
> > makes a lot of sense -- most places which will want it on will be
> > using kickstart, or else will otherwise have little problem enabling
> > it after the fact.
> I think that would confuse a lot of folks... many people expect ssh to
> be available on their desktop machines, etc.
Yeah, but many are equally surprised that it's on by default. :) Any change
here would have to be accompanied both by documentation about the change and
clear docs telling people how to turn it on both by hand and in kickstart.
> Also, whats the gain?
> less exposure to brute force password guessing?
Yes, that's the gain. Or to a widespread but as-yet-unknown sshd exploit.
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the devel