Re: Proposed: task-secure-system package
On 2000-10-20 15:25, Robert van der Meulen wrote:
>> No. I like to have ssh as root enabled so that I can login directly to do
>> regular maintenance tasks with minimum stuffing around. Doing the "enter
>> password to su to root" thing works if you run one or two machines. But
>> if you run 50 machines it's ridiculous to consider such things.
>
>Depends ;) - patching sshd seems like a good solution.
Well I have developed a patch that works for the SSH1 protocol with RSA. I
have not developed a patch for the SSH2 protocol because I have not yet
figured out how it works enough to setup a suitable test configuration.
>Where i work we run loads of machines, and in my experience it's very
>annoying to not-know who ssh'd in as root.
Yes.
>I wouldn't like to do the extra work to patch sshd, and having to install
>the 'special' sshd on all machines, instead of just dist-upgrade-ing.
That is why I have filed a bug report against the ssh package with my patch
attached. I hope that Philip Hands will choose to incorporate my patch in
the ssh package and eventually send it upstream.
I believe that my patch is usable as it is, but will need to have ssh2
support added before it can be sent upstream.
>> OK. Any people interested in linux programmers meetings in the
>> Netherlands please mail me off the list. I'll arrange one soonish.
>
>will do (maybe notify the debian-nl-something list as well?).
Already sent an email there. I decided to suggest a debian.nl meeting first
as there hasn't been one for a while and we had a linux-prog-nl meeting not
too long ago.
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: