Date: Thu, 26 Jun 1997 22:27:19 +0200 From: sthaug@nethelp.no To: jas@flyingfox.com Cc: freebsd-security@FreeBSD.ORG, nathan@senate.org Subject: Re: SSHD from Inetd Message-ID: <4731.867356839@verdi.nethelp.no> In-Reply-To: Your message of "Thu, 26 Jun 1997 12:31:08 -0700 (PDT)" References: <199706261931.MAA00269@biggusdiskus.flyingfox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Or you can do what we've done on some of our machines, and turn off inetd, > leaving *only* sshd running. Who needs legacy protocols like telnet and > ftp when you've got sshd? (Tongue partly in cheek here; but only partly. > This really does work well in some environments.) You're not the only one. We have some machines here with only ssh login, and the only thing run out of inetd is the qmail smtpd. I've been wishing for a few more knobs for just such situations - for instance a knob to control whether portmap is started or not. I normally turn off portmap - because I have no use for it, and because portmap has traditionally had security holes. (I'm confident that the FreeBSD portmap is better than the old SunOS 4.1.x portmap in this regard, but it could still have security holes.) Steinar Haug, Nethelp consulting, sthaug@nethelp.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4731.867356839>