[sles-beta] sshd start
Dan Elder
DElder at novacoast.com
Wed Feb 26 10:50:26 MST 2014
While I understand and support the decision not to enable sshd by
default, do we really need services like rpcbind and cupsd running by
default? I know that's the way it's always been done but how many
environments are using these services that couldn't turn them on
(instead of enabling them in a default installation)? I would think
that sshd utilization is much more widespread but the compromise of
having a simple installation option for enabling it and opening the
firewall is an appropriate balance. Should print server really be part
of a default installation with cupsd running? I like the idea behind a
very minimal default installation and while it's very very good that the
firewall is enabled by default, the less is more philosophy is very
important for security.
Wouldn't it be more appropriate to disable all services (cups, rpcbind,
ntp, etc...) unless they're configured (through YaST)? Is there any real
benefit to having them on and running by default if they're never even
configured to do anything? I'm sure there are use cases that I'm
missing but I'm curious what they are.
Just my two cents,
Dan
On 02/26/2014 12:45 AM, Stefan Behlert wrote:
> Hi,
>
> On Feb 26, 14 08:50:13 +0100, Günther J. Niederwimmer wrote:
>> Hello,
>>
>> is this a new security adjustment (?), on installation the sshd is no longer
>> starting or is this a Bug. ;)
>>
>> Not nice to configure a system over the net :(.
>
> The sshd is per default off, and can be activated during installation. If
> you install via network it should be enabled by default, but this is
> currently not the case (and a bug),
>
> Stefan
--
Linux Services Manager
Novacoast, Inc.
Mobile: (310) 243-6971
Office: (800) 949-9933 x1337
http://www.novacoast.com/
More information about the sles-beta
mailing list