F22 System Wide Change: Set sshd(8) PermitRootLogin=no

[Reindl Harald]

Am 08.01.2015 um 21:34 schrieb Stephen John Smoogen:
> In most of the cases, we end up requiring someone to go to the system
> physically and doing some initial work if we run into any of 0-3. Of
> course that works great if you have a physical server. We virtualize
> most of our servers which ends up with even more weird problems of
> trying to get working

than you do something wrong

especially om virtualized systems remote management is far easier 
because you have *one* remote console and if it is regular tested and 
all clients have the needed access you reach 100,1000,10000 virtual 
servers without any exception

but back to topic: yes it is *way* too optimistic assume KVM or similar 
everywhere - for a small business you typically have a *server* as 
router/firewall *because* you want to avoid the security problems of 
make crap without regular updates directly reachable from the internet 
and that includes:

* SOHO routers
* KVM devices
* any embedded device
* VMware consoles

so guess what there is running: a ordinary Linux setup (in my case) 
Fedora and the only way to access some of them hundrets of kilometers 
away is just SSH


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150108/a9d5ba6e/attachment.sig>