[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#122188: ssh: ssh should start earlier

On Mon, 15 Sep 2003 12:00, Andrew Pimlott wrote:
> I think this is basically a good idea.  My ideal would be for sshd
> start early (as soon as /usr is mounted, before attempting to mount
> other filesystems) with a minimal config that allows only root
> logins, then restart later with the normal config.  This would be a
> creat option to offer out-of-the-box, though I guess it would take a
> little bit of juggling to get right.

Having sshd allow root logins during the boot process when you don't allow 
such logins while the machine is fully operational seems like a bad idea.

If allowing root logins is not considered to be a security problem then they 
should be allowed at all times.  If allowing root logins is a security 
problem then it should never be allowed, not even at boot.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
Reply to: