On 7/13/06, Jerry McAllister <[EMAIL PROTECTED]> wrote:

> hello people,
> just want to ask if getting rid of the apache passphrase poses a
> threat, i don't want the company i worked for calling me up everytime
> cant access the webserver because the server is asking for the
> everytime the box restarts du to power failure.

Depends on how good your control of access to the server is.
In my case for example, I control physical access to the machine.
That could be, and has been a problem when I was away and power
went out, to get things back up, so I got rid of the passphrase.
Now, as long as the fsck-s clear at boot time, the server makes
it all the way back up without intervention.

But, if you have a lot of people running around, even if ignorant,
then you might want to think again about eliminating it.

It is less likely to be a concern for remote access, but could come
up, especially if someone gets root to your server.   Of course, then
all bets are off anyway.

yeah there are lots of ignorant people here in our organization :D, that
is why all my nix servers are headless since we don't have room to secure
them physically. thanks for your all your opinions :)

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to