From owner-freebsd-arch Wed Oct 11 15: 5:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26]) by hub.freebsd.org (Postfix) with ESMTP id 53BFD37B502 for ; Wed, 11 Oct 2000 15:05:22 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.0/8.9.3) id e9BM2ns23441; Wed, 11 Oct 2000 15:02:49 -0700 (PDT) (envelope-from dillon) Date: Wed, 11 Oct 2000 15:02:49 -0700 (PDT) From: Matt Dillon Message-Id: <200010112202.e9BM2ns23441@earth.backplane.com> To: Poul-Henning Kamp Cc: Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf References: <88823.971294422@critter> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG :In message <200010111905.e9BJ59X21786@earth.backplane.com>, Matt Dillon writes: : :> There's being 'reasonable' and there's being 'unreasonable'. This :> type of argument doesn't wash when the reasonable thing to do, with :> the availability of ssh, is to make things 'reasonably secure' by :> default. You can't ask for more, but neither should you require :> less. The lowest common denominator is not telnet or ftp any more. : :Matt, we can make things very secure by default by not starting any :network processes and no gettys. That way people are forced to boot :single user first time and configure their system. : :While people like you seem to prefer such "perfect" solutions, others :recognize that they just *might* harm our market acceptance. : :Suggest you switch to OpenBSD, I think they would be more supportive :of your approach. : :-- :Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 :phk@FreeBSD.ORG | TCP/IP since RFC 956 I really have to take exception to such an idiotic posting by Poul, whos seems to be trying to puts words in my mouth that I have not said... in fact, Poul knows very well that I am not advocating an OpenBSD-style position. He also knows very well that I am not the type of person to take such remarks sitting down. I never once said or intimated that we should force people to boot single user first time and configure their systems. I never once said or intimated that we should go to the extremes OpenBSD goes to. I've said one thing and one thing only: That SSH is now enough of a defacto standard that it obsoletes rlogind and telnetd. I will also add that today's network environment is a hell of a lot more hostile then the networking environment as of the time rlogind and telnetd were written. I believe, strongly, that ignoring the hostility of the network environment (whether you are installing rack mount boxes on a switched LAN or otherwise) and continuing to embrace, as a default means to configure a remote box, protocols that are not secure, is just plain stupid. I hold this position, but the position itself does NOT imply that I hold to always having to take the most extreme measures. Hence my comment in regards to ssh learning new host keys (and people saying 'yes' when ssh asks). I do not know a single person who pre-sets his known_hosts file by obtaining a host key through an alternative path. Not one. Why? Because while man-in-the-middle attacks are possible, the possibility of them happening for the very first connection made to some host is so remote that spending the extra time to get the key through another path is just that--- a waste of time. There is pragmatism, and there is sheer idiocy. A lot of people are using sheer idiocy (either to the extreme of justifying an unsecure login, or to the extreme of attempting to justify only supremely secure logins) to try to make their points in this forum. Well, I'm sorry... I'm a pragmatist. If you don't like, you can stuff it. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message