[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RedHat 7 distribution cds



On Wed, Mar 07, 2001 at 04:53:58PM +0200, Nadav Har'El wrote:
> There are other rules, like "Never run anything that sends shell-account
> passwords cleartext" (telnet is obviously a faux-pas, but so are
> non-anonymous FTP and Pop3 - unless these accounts are shell-less),
> but I'll leave some for another time ;)

Or if your shell-owning users are too stupid to avoid using POP3,
make sshd work with RSA keys only. That way, even if the regular
password is grabbed, it'll be useless to get a shell.

-- 
Best regards,
Ilya Konstantinov

=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il