Date: Tue, 06 Oct 2009 00:49:36 +0200 From: Daniel Bond <db@danielbond.org> To: Doug Barton <dougb@FreeBSD.org> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: openssh concerns Message-ID: <460A3E92-37D5-49CA-A079-EC08867B8DD4@danielbond.org> In-Reply-To: <4ACA6BE8.3000402@FreeBSD.org> References: <20091003121830.GA15170@sorry.mine.nu> <4AC7B690.1060607@gmail.com> <C71A2370-DF5D-4C73-9321-7AA95B4844D5@danielbond.org> <4ACA6BE8.3000402@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-6--549614409 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Hi. I explained my opinion quite well (imo) a bit further down in my previous email. I'm not sure what to answer. I don't necessarily think it's relevant for every computer running sshd. I see a tendency to change sshd port to 2022 and other port numbers. I'm not sure everyone doing it is aware that using unprivileged ports also has consequences, compared to (often) a few harmless logentries. I'd much rather use an privileged port, or mac_portacl(4), like mentioned earlier. Best regards, Daniel. I've noticed quite a bit of suggestions to use 2022, 2222 and such On Oct 5, 2009, at 11:58 PM, Doug Barton wrote: > Daniel Bond wrote: >> However, I'm concerned about the suggestion of using an >> unprivileged port > > Please explain your reasoning, and how it's relevant in a world where > the vast majority of Internet users have complete administrative > control over the systems they use. > > > Doug > > -- > > This .signature sanitized for your protection > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org > " --Apple-Mail-6--549614409 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.11 (Darwin) iEYEARECAAYFAkrKeAAACgkQF4Ca8+3pySXlWwCghy6voGgDAR7seqtCF3BvlEWV 9a4An2vJPXfxy9g8KlCAcdPunzKF5NPp =PV+w -----END PGP SIGNATURE----- --Apple-Mail-6--549614409--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?460A3E92-37D5-49CA-A079-EC08867B8DD4>