On 21 March 2013 10:01, William Harrington <berzerk...@cox.net> wrote:
As far as it recreating ssh keys, I don't think you'd want to publish a > livecd and distribute it and then everyone on the planet using the same ssh > key if they have it open to the public vie their network connection. I > don't know if that would happen often, but I'm sure plenty of people use > livecd's as servers. > Curious. I installed my OpenSSH on my project and set a root password. I too thought about the security risk, but didn't think it was an issue for a LiveCD with the purpose of building LFS. Personally, I'd like to put the CD in a box without a monitor or keyboard (BIOS dependent!) and ssh into it. The box will only be a security risk to the local network it resides on. There's no need for a root login apart from convenience, having a standard user defined with sudo permissions would be exactly the same risk. I also weighed up the possibility of the CD being installed to a hardrive, but LFS is not a full distribution that hold your hand and updates/secures the system so it's inappropriate to treat the CD as anything but a platform for building LFS.
-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
