From owner-freebsd-arch  Tue Oct 10  8:55:42 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id A3BAE37B66C
	for <arch@FreeBSD.org>; Tue, 10 Oct 2000 08:55:36 -0700 (PDT)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.9.3/8.9.3) with SMTP id LAA28449;
	Tue, 10 Oct 2000 11:54:09 -0400 (EDT)
	(envelope-from rwatson@FreeBSD.org)
Date: Tue, 10 Oct 2000 11:54:09 -0400 (EDT)
From: Robert Watson <rwatson@FreeBSD.org>
X-Sender: robert@fledge.watson.org
To: Kris Kennaway <kris@citusc.usc.edu>
Cc: Terry Lambert <tlambert@primenet.com>, arch@FreeBSD.org,
	Poul-Henning Kamp <phk@critter.freebsd.dk>,
	Matt Dillon <dillon@earth.backplane.com>,
	Warner Losh <imp@village.org>,
	Jeroen Ruigrok van der Werven <jruigrok@via-net-works.nl>
Subject: Re: cvs commit: src/etc inetd.conf
In-Reply-To: <20001009202540.A2128@citusc17.usc.edu>
Message-ID: <Pine.NEB.3.96L.1001010095155.90573M-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On Mon, 9 Oct 2000, Kris Kennaway wrote:

> On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote:
> > > > >    Do any committers have any objections to me disabling ntalk, finger,
> > > > >    telnet, rsh, and ftp by default in -current?  And sandboxing 'named' by
> > > > >    default in -current?
> > 
> > Won't this make it difficult to bootstrap a headless 1U box?
> 
> The point, which many people in this discussion somehow keep missing,
> is that when you do a default installation of recent versions of
> FreeBSD, the machine reboots with ssh enabled and working.

As I pointed out earlier, there needs to be a way for the administrator to
securely retrieve the SSH key so that they can log in securely.  Otherwise
the whole point of using SSH is lost.  If they just blindly accept the key
without some sort of confirmation, it might as well be telnet.  For
console-based install, this is fine if we print out the key finger print
after the first reboot (although ideally we'd generate it during
sysinstall and formally present it to the administrator).  For a headless
install, there is currently no way to get the key in a secure manner. 

If the answer is, ``Well, it's a local network segment, you should be
fine,'' that applies equally well to telnet, which, as I also mentioned
before, has been standardized a lot longer, has much more
interoperability, is more stable, etc.

  Robert N M Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message