Re: Suggestion for Improving Debian Workstation Builds
On Wed, 30 Jul 2025 18:00:21 +0100
Joe <joe@jretrading.com> wrote:
> On Wed, 30 Jul 2025 17:28:05 +0200
> Detlef Vollmann <dv@vollmann.ch> wrote:
>
> > On 7/30/25 15:18, John Dow wrote:
> > > Further to this, I’d be completely unsurprised is fully 99.9% of
> > > Linux users consider an SSH client essential. Which is why it’s
> > > installed by default.
> > >
> > > It’s worth bearing in mind that while Linux is becoming more and
> > > more useful to Windows users, Linux is not Windows.
> >
> > Just as a data point: Windows ships these days with an SSH client as
> > well...
> >
> >
> I don't believe the OP sees the client as an issue. It is not a
> daemon, it can simply be ignored, and it is not a security risk. I
> always install the Telnet client, for quick and dirty
> troubleshooting, but rarely use it.
>
> Presumably the OP installed without using the Expert mode, as a
> beginner might, and was not offered the choice of installing sshd. I
> don't know, I made the mistake of using the non-Expert installer once,
> and ended up with no networking, and I've never used it since.
>
> Certainly the Expert mode offers the choice of sshd or not. Again I
> don't recall, but I think if the task 'ssh server' is selected, it
> is enabled by default and must use the normal account passwords for
> security, as there is no other method enabled. It might be possible to
> improve on this, without making remote installation impossible.
>
Sorry, sent accidentally, I was going to add that the default sshd
installation does leave it open to brute-force password attacks.
--
Joe
Reply to: