Re: openssh-server's default config is dangerous
On Tuesday 12 July 2016 18:39:29 Erwan David wrote:
> Le 12/07/2016 à 19:34, Lisi Reisz a écrit :
> > My solution to that is physical access to the computer, actually sitting
> > in front of it - login without a password. ALL external access, even
> > from the neighbouring computer, use a strong password in case someone
> > breaks into your network from outside.
> >
> > Lisi
>
> Note that there are computers to which no user has physical access.
Of course. But anyone who is administering such a computer can be assumed to
be at least knowledgeable enough to reconfigure ssh to suit his/her
needs/likes/wants! And I would never advocate passwordless entry, nor a weak
password, in such a situation.
> > "ALL external access, even
> > from the neighbouring computer, use a strong password in case someone
> > breaks into your network from outside."
Lisi
Reply to: