[H-GEN] Secure Telnet
Steven Lawrance
steven at sia.net.au
Sun Aug 22 07:43:49 EDT 1999
[ Humbug *General* list - semi-serious discussions about Humbug and
Unix-related topics. ]
On Sun, Aug 22, 1999 at 08:29:57PM +1000, Anthony Towns wrote:
> * Reinstall blae (my laptop) and make *damn* sure no one cat connect
> to it remotely. No telnet. No sshd. No exim. No apache. No finger.
> identd running as nobody/nouser and chrooted, if I can damn well
> manage it. Don't even think about plugging in a pcmcia card until
> that's ensured.
If you don't want any remote connections, why run inetd at all?
> * Setup a one-time-password system for azure for both aj and root
> (and possibly everyone else), and don't ever login except
> via that or ssh.
S/key that comes by default with OpenBSD is pretty neat.
> And even then I'm going to shudder unhappily until Debian has had the same
> auditing effort done as OpenBSD and similar.
You could just use OpenBSD... ;)
--
Steven Lawrance
steven at sia.net.au
--
This is list (humbug) general handled by majordomo at lists.humbug.org.au .
Postings only from subscribed addresses of lists general or general-post.
More information about the General
mailing list