From owner-freebsd-arch  Wed Oct 11 19:50:42 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7])
	by hub.freebsd.org (Postfix) with ESMTP id AE16337B503
	for <arch@FreeBSD.ORG>; Wed, 11 Oct 2000 19:50:39 -0700 (PDT)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47])
	by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id WAA177454;
	Wed, 11 Oct 2000 22:50:31 -0400
Mime-Version: 1.0
X-Sender: drosih@mail.rpi.edu
Message-Id: <v04210104b60acfa922f4@[128.113.24.47]>
In-Reply-To: <15251.971315263@winston.osd.bsdi.com>
References: <15251.971315263@winston.osd.bsdi.com>
Date: Wed, 11 Oct 2000 22:50:29 -0400
To: Jordan Hubbard <jkh@winston.osd.bsdi.com>,
	Alfred Perlstein <bright@wintelcom.net>
From: Garance A Drosihn <drosih@rpi.edu>
Subject: Re: cvs commit: src/etc inetd.conf
Cc: arch@FreeBSD.ORG
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Not that I want to be a pest, but let me try this proposal
one more time.  If someone could tell me what is bad about
this proposal, I would like to hear it.

     Leave telnetd enabled, but have a dumb message printed
     every time someone logs into root while it is enabled.
     Just add a dumb check to /root/.cshrc.  I don't do any
     csh scripting, but in bash it'd be something like:

          grep -qs '^telnet' /etc/inetd.conf
          if [ $? -eq 0 ] ; then
             echo ""
             echo "*** Note: telnetd is enabled in /etc/inetd.conf"
             echo "***       either comment it out of there, or"
             echo "***       delete this check in /root/.bashrc"
             echo ""
         fi
 
Seems to me this avoids any problems with headless machines,
or with the dialog appearing or not-appearing based on which
type of installation is being done.  (the exact wording of
the message needs to be improved, of course).

Note that I HAVE had freebsd installs where sshd did NOT work,
so I don't buy the argument that "now that we have sshd, it
will always work on all installs and therefore we can be 100%
certain there will never ever be a need for telnetd immediately
after doing an install".  There's these things called "updates",
and from time-to-time "updates" break things that otherwise
work.

Once a person gets far enough into an install that they manage
to log into root, then they should have a pretty good idea if
they want telnetd active.  Also note that this CONTINUES to
check for telnetd being enabled, which (imo) is a better idea
than just disabling it by default.

So, if we did this MASSIVE change, and left telnetd enabled by
default, WHAT WOULD THE PROBLEM BE?

---
Garance Alistair Drosehn           =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer          or  drosih@rpi.edu
Rensselaer Polytechnic Institute


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message