Re: red worm amusement

2001-07-21 Thread Rob VanFleet
On Sat, Jul 21, 2001 at 07:52:02PM -0700, Jacob Meuser wrote: And who's going to teach them? Certainly not an OS that makes it as easy as 'apt-get install apache' ! Well, your solution of making it more obfuscated and difficult will cause even more of a problem.

Re: --no-run option (was: Re: red worm amusement)

2001-07-22 Thread Rob VanFleet
Exactly. It is more of a special case to *not* want a server to start at boot rather than the other way around. To those who think that apt-get install apache is too easy, then why is apt-get remove apache too hard? -Rob On Sun, Jul 22, 2001 at 04:00:43PM +0200, Bernhard R. Link wrote: On

Re: apt-get install apache (was red worm amusement)

2001-07-22 Thread Rob VanFleet
On Sun, Jul 22, 2001 at 07:28:31PM -0500, Kenneth Pronovici wrote: If you're upgrading for security and bug fixes, you use upgrade. In michael's defense, take this entry from the apt-get manpage: dist-upgrade dist-upgrade, in addition to performing the func­

Re: Mutt and inline gpg

2001-08-09 Thread Rob VanFleet
On Thu, Aug 09, 2001 at 05:26:50PM +0200, Christian Kurz wrote: option pgp_create_traditional. That option might help you very much, but instead I would suggest that the other MUA's get fixed. Um, wouldn't that be every other MUA aside from mutt and maybe one or two others? -Rob -- To

LogCheck Issues

2001-09-14 Thread Rob VanFleet
I seem to be having a small problem with something in the logcheck.ignore file. The default setup for the logcheck package under debian already contains this entry in logcheck.ignore to avoid reporting this common cron job: /USR/SBIN/CRON\[.*\]: (mail) CMD ( if \[ -x /usr/sbin/exim \]; then

Re: BugTraq Kernel 2.2.19

2001-10-19 Thread Rob VanFleet
On Fri, Oct 19, 2001 at 12:24:45PM -0500, Kenneth Pronovici wrote: i think Linus has already approved the patch. im not sure yet when will it arrive though.. Yes, the email linked to by that /. posting :

/bin/passwd as shell

2002-01-23 Thread Rob VanFleet
On this list (I believe) I saw someone mention the use of /bin/passwd as a shell for mail-only users so they can easily change their password without having to ask someone. Is this a secure option, or am I missing some glaring problems? If so, what are some other possible solutions? Thanks,

Re: /bin/passwd as shell

2002-01-24 Thread Rob VanFleet
On Thu, Jan 24, 2002 at 07:23:35AM +0100, martin f krafft wrote: also sprach Rob VanFleet On this list (I believe) I saw someone mention the use of /bin/passwd as a shell for mail-only users so they can easily change their password without having to ask someone. Is this a secure

Re: scp and sftp

2002-04-01 Thread Rob VanFleet
On Mon, Apr 01, 2002 at 10:35:35AM -0500, Jon McCain wrote: But changing permissions on the .bash_profile so they don't own it (and not in their group) should take care of that problem. They can read it all they want, just not change it. A cleaner solution would be to make it immutable. (as

NFS, password transparency, and security

2002-04-07 Thread Rob VanFleet
I have a situation where my superiors are leaning heavily on me to make life more convenient for them by having total availability of data from a group of machines. They basically want to log into any one machine within this group with the same password, and be able to access any disks they

Re: NFS, password transparency, and security

2002-04-07 Thread Rob VanFleet
On Sun, Apr 07, 2002 at 07:39:43PM -0700, Luca Filipozzi wrote: Two choices for authentication (passwd + shadow): (1) Kerberos Never used it. Can't advise you. I've looked at Kerberos, but at least a cursory glance at leaves the impressions that it is ridiculously complicated to set up

Re: NFS, password transparency, and security

2002-04-09 Thread Rob VanFleet
On Tue, Apr 09, 2002 at 12:37:27PM +0200, Wichert Akkerman wrote: Previously Alan Shutko wrote: An AFS-based setup is used at many places to great effect, especially on untrusted nets, but I don't know how bad setup is. I suspect it's evil. There is also SFS which works very nicely

Re: NFS, password transparency, and security

2002-04-09 Thread Rob VanFleet
On Tue, Apr 09, 2002 at 07:23:28AM -0700, Luca Filipozzi wrote: On Tue, Apr 09, 2002 at 06:51:38AM -0500, Rob VanFleet wrote: After doing some reading about it, the only thing that turns me off to SFS is that you still have to run the usual NFS services for it to work. A large part

Re: [OT] please do not ...

2002-11-16 Thread Rob VanFleet
On Sat, Nov 16, 2002 at 11:55:49AM +0100, poczta wrote: people, do not respond to 'unsubscribe' messages, 'cause from one mail it grows to many messages, so think twice before you mail on it. thanks or at the very least, If you are bound and determined to address this person's error, reply to

Apache user pages (was: Re: Permissions on /root/)

2003-03-10 Thread Rob VanFleet
On Sat, Mar 08, 2003 at 08:16:38PM +0100, Thomas Sjögren wrote: On Sat, 8 Mar 2003, Birzan George Cristian wrote: It should be locked down and not touched by adduser (Would You Like To Make All Homedirs World-Readable?). root is not the regular user. Users need o+x on their home dirs

Re: Passwordless Authentication (was Re: How to reduce sid security)

2003-08-01 Thread Rob VanFleet
On Fri, Aug 01, 2003 at 11:04:32AM +0200, Kjetil Kjernsmo wrote: On Friday 01 August 2003 04:10, Peter Cordes wrote: You should use ssh-keygen to create a keypair on each machine, and copy the public key from the machine you generated it on to the other machine. This allows quick

Re: red worm amusement

2001-07-22 Thread Rob VanFleet
On Sat, Jul 21, 2001 at 07:52:02PM -0700, Jacob Meuser wrote: And who's going to teach them? Certainly not an OS that makes it as easy as 'apt-get install apache' ! Well, your solution of making it more obfuscated and difficult will cause even more of a problem.

Re: apt-get install apache (was red worm amusement)

2001-07-22 Thread Rob VanFleet
On Sun, Jul 22, 2001 at 07:59:47AM -0500, chandler wrote: Similarly, after a recent apt-get dist-upgrade (intended to grab security updates only, Then why did you dist-upgrade? I think it's pretty self-explanatory that if you're upgrading from one distribution to another (like from stable to

Re: Mutt and inline gpg

2001-08-09 Thread Rob VanFleet
On Thu, Aug 09, 2001 at 05:26:50PM +0200, Christian Kurz wrote: option pgp_create_traditional. That option might help you very much, but instead I would suggest that the other MUA's get fixed. Um, wouldn't that be every other MUA aside from mutt and maybe one or two others? -Rob

Re: /bin/passwd as shell

2002-01-24 Thread Rob VanFleet
On Thu, Jan 24, 2002 at 07:23:35AM +0100, martin f krafft wrote: also sprach Rob VanFleet On this list (I believe) I saw someone mention the use of /bin/passwd as a shell for mail-only users so they can easily change their password without having to ask someone. Is this a secure option

Re: NFS, password transparency, and security

2002-04-07 Thread Rob VanFleet
On Sun, Apr 07, 2002 at 07:39:43PM -0700, Luca Filipozzi wrote: Two choices for authentication (passwd + shadow): (1) Kerberos Never used it. Can't advise you. I've looked at Kerberos, but at least a cursory glance at leaves the impressions that it is ridiculously complicated to set up and

Re: NFS, password transparency, and security

2002-04-11 Thread Rob VanFleet
On Wed, Apr 10, 2002 at 12:21:13AM +0100, Gareth Bowker wrote: On Tue, Apr 09, 2002 at 04:02:34PM -0500, Rob VanFleet wrote: On Tue, Apr 09, 2002 at 07:23:28AM -0700, Luca Filipozzi wrote: You run those services locally on each machine only. You don't make them available to other

SSH RSA Authentication

2002-06-22 Thread Rob VanFleet
I am trying to use RSA authentication between different machines, but I'm running into trouble between machines running different versions of ssh. Machine A is running unstable with OpenSSH 3.0.2p1, and it is trying to connect to machine B running stable, with a compiled from source ssh, version

Re: SSH RSA Authentication

2002-06-22 Thread Rob VanFleet
On Sat, Jun 22, 2002 at 07:50:07PM +0200, Dietmar Goldbeck wrote: It is very difficult to help you without error messages, since there shouldn't be a problem. openssh 3.0.2 and 3.2.3 play perfectly well with each other. There weren't any error messages, otherwise I would have provided them.

Re: PermitRootLogin enabled by default

2002-06-26 Thread Rob VanFleet
On Wed, Jun 26, 2002 at 02:11:00PM +0200, InfoEmergencias - Luis Gómez wrote: Hi all Messing up with sshd_config for all the privsep stuff, I've noticed that PermitRootLogin was set to yes in my three woody boxes. I usually consider this a problem (although it has been my fault - i should

Re: Some more port closing questions

2002-07-30 Thread Rob VanFleet
On Tue, Jul 30, 2002 at 01:22:50PM -0400, Phillip Hofmeister wrote: On Tue, 30 Jul 2002 at 11:09:49AM -0600, Crawford Rainwater wrote: Thanks to all on the Portsentry issue I had a week ago. Along those same lines, I have two ports I cannot figure out (even looking through the LDP) on
