Date: Mon, 19 Oct 2015 19:43:14 +0200 From: Baptiste Daroussin <bapt@FreeBSD.org> To: Glen Barber <gjb@FreeBSD.org> Cc: freebsd-arch@FreeBSD.org Subject: Re: Enabling all available ttys if available console Message-ID: <20151019174314.GA86565@ivaldir.etoilebsd.net> In-Reply-To: <20151019171215.GX15305@FreeBSD.org> References: <20151019171215.GX15305@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--8t9RHnE3ZwKMSgU+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Oct 19, 2015 at 05:12:15PM +0000, Glen Barber wrote:
> Hi,
>=20
> For several months now, I have been contemplating enabling all active
> ttys on the system by 1) changing the defaults from std.9600 to 3wire,
> and 2) setting ttyu{0,1,2,3} from 'off' to 'onifconsole'.
>=20
> The only drawback to doing this that I can think of is it could open
> a potential attack vector, however this would require physical access to
> the system.
>=20
> The benefit to doing this is the system would be accessible via ttys
> other than ttyu0 by default, which unless there is someone with local
> access to the system, is painful for administrators to gain console
> access remotely by default.
>=20
> Are there objections to changing the default, or have I missed something
> larger in this proposed change?
>=20
> Thanks in advance.
>=20
> Glen
>=20
That would save a lot of pain in production servers, where different
manufacturers means differents ports available etc.
Big +1 for me.
best regards,
Bapt
--8t9RHnE3ZwKMSgU+
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlYlK7IACgkQ8kTtMUmk6Ew3jgCfV8dptmUKAlo5FyvOFM+eJdJ8
zBwAn3xPnufg0Iikfg77S/ystO6SYTUB
=JLKb
-----END PGP SIGNATURE-----
--8t9RHnE3ZwKMSgU+--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151019174314.GA86565>