Date: Mon, 19 Oct 2015 19:43:14 +0200 From: Baptiste Daroussin <bapt@FreeBSD.org> To: Glen Barber <gjb@FreeBSD.org> Cc: freebsd-arch@FreeBSD.org Subject: Re: Enabling all available ttys if available console Message-ID: <20151019174314.GA86565@ivaldir.etoilebsd.net> In-Reply-To: <20151019171215.GX15305@FreeBSD.org> References: <20151019171215.GX15305@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--8t9RHnE3ZwKMSgU+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 19, 2015 at 05:12:15PM +0000, Glen Barber wrote: > Hi, >=20 > For several months now, I have been contemplating enabling all active > ttys on the system by 1) changing the defaults from std.9600 to 3wire, > and 2) setting ttyu{0,1,2,3} from 'off' to 'onifconsole'. >=20 > The only drawback to doing this that I can think of is it could open > a potential attack vector, however this would require physical access to > the system. >=20 > The benefit to doing this is the system would be accessible via ttys > other than ttyu0 by default, which unless there is someone with local > access to the system, is painful for administrators to gain console > access remotely by default. >=20 > Are there objections to changing the default, or have I missed something > larger in this proposed change? >=20 > Thanks in advance. >=20 > Glen >=20 That would save a lot of pain in production servers, where different manufacturers means differents ports available etc. Big +1 for me. best regards, Bapt --8t9RHnE3ZwKMSgU+ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlYlK7IACgkQ8kTtMUmk6Ew3jgCfV8dptmUKAlo5FyvOFM+eJdJ8 zBwAn3xPnufg0Iikfg77S/ystO6SYTUB =JLKb -----END PGP SIGNATURE----- --8t9RHnE3ZwKMSgU+--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151019174314.GA86565>