On Thu, 2005-08-25 at 01:48 +0200, Guenther Niess wrote: > Now my question is: Does it really make sense to install Kerberos, Cyrus > SASL and stunnel on my system?
Almost certainly not for a desktop machine. I've never tried installing any of the three, and wouldn't do so unless they were a hard dependency for something else. The same applies to PAM - unless you want to try out exotic authentication schemes, it's of little benefit on a single-user system. > It's difficult for me to see any advantage on many security programs. Is > it not enough to install OpenSSL, Iptables, GnuPG, Tripwire and SSH for > a desktop system or I'm naive? Well, openssl you'll need, simply because it's used by a large number of applications like web browsers and email. And most machines can probably benefit from using iptables to block off unwanted inbound connections. As for the others, what do you need them for? GnuPG lets you sign and encrypt things like email and files - nice to have, but non-essential. SSH isn't really needed on a desktop, unless you're using it to log in to other machines or will be logging in to yours from elsewhere. Don't know much about Tripwire - probably nice to have, but not vital. Don't just install packages for the sake of installing them - find out what they do, and install them if you actually need what the package provides. Simon.
signature.asc
Description: This is a digitally signed message part
-- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
