Date:      Mon, 22 Jan 1996 19:06:35 +0000 (GMT)
From:      Paul Richards <p.richards@elsevier.co.uk>
To:        nate@sri.MT.net (Nate Williams)
Cc:        security@FreeBSD.org
Subject:   Re: ssh /etc config files location..
Message-ID:  <199601221906.TAA09960@cadair.elsevier.co.uk>
In-Reply-To: <199601221750.KAA22368@rocky.sri.MT.net> from "Nate Williams" at Jan 22, 96 10:50:21 am

In reply to Nate Williams who said
> 
> > I disagree with /etc. These are not configuration files, they are
> > runtime modifiable files and should go in /var.
> 
> Huh?  They are most certainly configuration files.  The public/private
> keys as well as ssh_config and sshd_config are not (any more so than any
> other config file) runtime modifiable once they are initially
> installed, and once they are installed (as with any configuration file)
> they shouldn't be touched, unlike the files in /var/run.  Now, sshd.pid
> is a file that should get stuck in /var/run, but I think we'd all agree
> on that move.

Oh, silly me. I was thinking of the .ssh files, like known_hosts. I
still don't like things touching /etc though.  I don't see why we
should make exceptions for ports that install into /usr/local if they
happen to have host specific configurations, that's something that the
local NFS admin should sort out. You'll have exactly the same problem
if you administer diskless machines.

Now, on a related note, how about replacing rsh with ssh in our main tree.
It's backwards compatible and rsh needs to die anyway for all the same
reasons that ssh exists in the first place.

I tend to find most sites I'm at these days disable r* commands for
security reasons anyway and if rsh is a needed tool they install ssh
instead. Having it come as default in FreeBSD would be yet another
"feature" in FreeBSD's favour.


-- 
  Paul Richards. Originative Solutions Ltd.
  Internet: paul@netcraft.co.uk, http://www.netcraft.co.uk
  Phone: 0370 462071 (Mobile), +44 1225 447500 (work)


