Bug#786987: openssh-server: please have DebianBanner default to no

To: Christoph Anton Mitterer <calestyo@scientia.net>, 786987@bugs.debian.org
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Subject: Bug#786987: openssh-server: please have DebianBanner default to no
From: Colin Watson <cjwatson@debian.org>
Date: Wed, 27 May 2015 16:58:54 +0100
Message-id: <[🔎] 20150527155854.GQ10485@riva.ucam.org>
Reply-to: Colin Watson <cjwatson@debian.org>, 786987@bugs.debian.org
In-reply-to: <[🔎] 1432741442.4856.17.camel@scientia.net>
References: <[🔎] 874mmyjfw1.fsf@alice.fifthhorseman.net> <[🔎] 20150527143852.GP10485@riva.ucam.org> <[🔎] 1432741442.4856.17.camel@scientia.net>

On Wed, May 27, 2015 at 05:44:02PM +0200, Christoph Anton Mitterer wrote:
> On Wed, 2015-05-27 at 15:38 +0100, Colin Watson wrote: 
> > The specific case that prompted the banner in the first place was that
> > of a university trying to ensure that systems on its network was secure,
> > where the central administration doesn't have direct access to upgrade
> > packages nor any other such reliable way to determine package versions,
> > but does have the ability to disconnect vulnerable systems if need be.
> 
> Here I have to disagree with Colin.
> The purpose of the SSH has never been to do package management and/or
> Nagios-like tasks like software version reporting.
> If big sites want to monitor their current SSH version state they should
> better use the tools made for it (check_apt or whatever).

Nagios is fine if you're running a server farm.  It's useless if your
purpose is to perform friendly probing of a large heterogeneous network
most of which consists of desktop-type systems not run by professional
sysadmins.

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

Follow-Ups:
- Bug#786987: openssh-server: please have DebianBanner default to no
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

References:
- Bug#786987: openssh-server: please have DebianBanner default to no
  - From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Bug#786987: openssh-server: please have DebianBanner default to no
  - From: Colin Watson <cjwatson@debian.org>
- Bug#786987: openssh-server: please have DebianBanner default to no
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

Prev by Date: Bug#786987: openssh-server: please have DebianBanner default to no
Next by Date: Bug#787002: openssh-client: please default ForwardX11Trusted to "no"
Previous by thread: Bug#786987: openssh-server: please have DebianBanner default to no
Next by thread: Bug#786987: openssh-server: please have DebianBanner default to no
Index(es):
- Date
- Thread