I guess the questions is why wouldn't you use a strong password? What is there to gain?
Cheers, Justin On Jul 2, 2012, at 11:59 AM, Lazar, Alexey Vladimirovich wrote: > Ok, thanks. > > Another question. How much should I worry about the strength of ejabberd > user passwords? Does it matter in terms of security? > > Thanks. > > On Jun 30, 2012, at 07:15 , Thomas Berezansky wrote: > >> I don't think localhost is needed. >> >> As for max_stanza_size, it doesn't need to be a power of two because it >> isn't a memory size or anything, it is a sanity check in ejabberd. It needs >> to be larger than the default because OpenSRF sends fairly large messages on >> a regular basis, at least with Evergreen running over it. At the size in >> question S2S messages don't need a significantly larger setting. >> >> In general, the default and recommended items across ejabberd's config is >> assuming you are setting up an XMPP *chat* server, with people sending >> messages to each other using the various features of XMPP. OpenSRF interacts >> with XMPP much differently, and as such the various notes may not fully >> apply. >> >> Thomas Berezansky >> Merrimack Valley Library Consortium >> >> >> Quoting "Lazar, Alexey Vladimirovich" <[email protected]>: >> >>> Hi, a couple of questions about ejabberd settings. >>> >>> 1. For OpenSRF, is the "localhost" entry required in the hosts directive? >>> >>> {hosts, ["localhost", "private.localhost", "public.localhost"]} >>> >>> Or can it be safely omitted with just the private.localhost and >>> public.localhost hosts listed? >>> >>> 2. Max_stanza_size. >>> >>> Ejabberd documentation says: >>> {max_stanza_size, Size} >>> This option specifies an approximate maximum size in bytes of XML stanzas. >>> Approximate, because it is calculated with the precision of one block of >>> read data. For example {max_stanza_size, 65536}. The default value is >>> infinity. Recommended values are 65536 for c2s connections and 131072 for >>> s2s connections. s2s max stanza size must always much higher than c2s >>> limit. Change this value with extreme care as it can cause unwanted >>> disconnect if set too low. >>> >>> OpenSRF instructions say: >>> Change all max_stanza_size values to 2000000. >>> >>> The OpenSRF-recommended value is the same for c2s and s2s connections, >>> which differs from what the ejabber documentation suggests. I am curious >>> about a) what requires these values to change for OpenSRF in the first >>> place, b) why the OpenSRF-recommended value for c2s and s2s is the same, >>> and 3) why a power of 2 is not used for it, e.g., 2097152? >>> >>> Any "science" behind these and other OpenSRF-recommended settings, or just >>> safe guesses? >>> >>> Thanks. >>> >>> Alexey Lazar >>> PALS >>> Information System Developer and Integrator >>> 507-389-2907 >>> http://www.mnpals.org/ >>> >>> >> >> > > > Alexey Lazar > PALS > Information System Developer and Integrator > 507-389-2907 > http://www.mnpals.org/ >
