Am Montag, den 12.01.2015, 17:20 +0000 schrieb P J P: > > If you really want to improve security and mitigate BF attacks against > > root, do this: > > A) do not run SSHD by default > > That's a non-option.
This is actually implemented in Workstation, i.e. the sshd.service is not enabled by default when installing from the Workstation Live CD (or any other live CD, I think). The explanation I once got for this can be found in [0]. I guess this is also what most users of Workstation would expect. On the other hand, when using the server netinst image (which, despite its name, is a generic installation image) to install Workstation, you end up with an enabled sshd.service after installation. Maybe this difference can be addressed together with what ever is decided upon in this discussion? I think having some consistency here would be good. [0] https://bugzilla.redhat.com/show_bug.cgi?id=869848#c6 -- Volker -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
