Schedule for Wednesday's FESCo Meeting (2012-10-10)

Matthew Miller mattdm at fedoraproject.org
Thu Oct 11 02:28:21 UTC 2012


On Wed, Oct 10, 2012 at 08:21:02PM -0600, Kevin Fenzi wrote:
> > I think turning off sshd by default but having a preset to turn it on
> > makes a lot of sense -- most places which will want it on will be
> > using kickstart, or else will otherwise have little problem enabling
> > it after the fact.
> I think that would confuse a lot of folks... many people expect ssh to
> be available on their desktop machines, etc. 

Yeah, but many are equally surprised that it's on by default. :) Any change
here would have to be accompanied both by documentation about the change and
clear docs telling people how to turn it on both by hand and in kickstart.


> Also, whats the gain? 
> less exposure to brute force password guessing? 

Yes, that's the gain. Or to a widespread but as-yet-unknown sshd exploit.


-- 
Matthew Miller  ☁☁☁  Fedora Cloud Architect  ☁☁☁  <mattdm at fedoraproject.org>


More information about the devel mailing list