From owner-freebsd-arch  Mon Oct  9 20:59:39 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from pcnet1.pcnet.com (pcnet1.pcnet.com [204.213.232.3])
	by hub.freebsd.org (Postfix) with ESMTP id 50FEF37B66C
	for <arch@FreeBSD.ORG>; Mon,  9 Oct 2000 20:59:37 -0700 (PDT)
Received: (from eischen@localhost)
	by pcnet1.pcnet.com (8.8.7/PCNet) id XAA02186;
	Mon, 9 Oct 2000 23:49:11 -0400 (EDT)
Date: Mon, 9 Oct 2000 23:49:10 -0400 (EDT)
From: Daniel Eischen <eischen@vigrid.com>
To: Kris Kennaway <kris@citusc.usc.edu>
Cc: Terry Lambert <tlambert@primenet.com>, arch@FreeBSD.ORG,
	Poul-Henning Kamp <phk@critter.freebsd.dk>,
	Matt Dillon <dillon@earth.backplane.com>,
	Warner Losh <imp@village.org>,
	Jeroen Ruigrok van der Werven <jruigrok@via-net-works.nl>
Subject: Re: cvs commit: src/etc inetd.conf
In-Reply-To: <20001009202540.A2128@citusc17.usc.edu>
Message-ID: <Pine.SUN.3.91.1001009233930.833A-100000@pcnet1.pcnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 9 Oct 2000, Kris Kennaway wrote:
> On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote:
> > > > >    Do any committers have any objections to me disabling ntalk, finger,
> > > > >    telnet, rsh, and ftp by default in -current?  And sandboxing 'named' by
> > > > >    default in -current?
> > 
> > Won't this make it difficult to bootstrap a headless 1U box?
> 
> The point, which many people in this discussion somehow keep missing,
> is that when you do a default installation of recent versions of
> FreeBSD, the machine reboots with ssh enabled and working.

Don't you first need to add your keys before ssh is usable?

I think that at least telnet and ftp should be enabled by default.
Make the secure settings optional.

-- 
Dan Eischen



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message