On 01/28/2014 12:37 PM, Brian wrote: > On Tue 28 Jan 2014 at 11:40:04 -0800, Jon Danniken wrote: > >> Thanks Brian, I ended up removing openssh-server, as it was not >> something I needed; it was automatically installed and set up to run as >> a "feature" of the live CD I used to install Debian with (installed as >> part of the "live-tools" package). Fortunately I came across the posting >> that alerted me to this, and have removed it from both of my machines. > > Removing software which runs as a daemon is good practice. Why have a > process listening for external connections when it is unnecessary?
Exactly; this was my rationale for starting this thread, to hopefully find out what other daemons might be running out of the box that I would be wise to either reconfigure or remove entirely (assuming I am not using them, which, as in the case of openssh-server, I am not). >> If I end up using openssh in the future I will definitely use a private >> key, though. > > Another battle lost. :) You'll have to wait until I decide to reinstall ssh to know the outcome of that case, if and/or when. > But ssh keys are great for some situations. The problem is their > advocates never describe what the situations are and it is too often a > case of being instructed to "use a ssh key". The downsides to a ssh > key are left unsaid and the impression is given that a password login is > naff and insecure. The pros and cons of an ssh key login are rarely > disussed by these advocates, > > I'll just end by reminding you that your ssh key might be stored on a > USB stick. Forget the stick and you don't get to access your account. > Passwords are in your memory and, fallible though it might be, it is > usually accessible. In the last resort the password could come to you > in a dream. :) Thanks, Jon -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52e82ee2.6050...@q.com
