Fwd: modifying the chapter layout
fost at hotmail.com
Tue Feb 22 01:55:40 PST 2005
Archaic <archaic at linuxfromscratch.org> wrote in
news:20050222084430.GB20914 at linuxfromscratch.org:
> On Mon, Feb 21, 2005 at 12:11:17AM -0500, Robert Connolly wrote:
>> This way everything has its place. I don't like the idea of two pages
>> for openssh, one for daemon and one for client, because one page can
>> handle both.
> Yes one page *can* handle both, but their usage is vastly different.
> sshd is a daemon that should be installed in a servers section of the
> book. ssh is a client that should not be in a servers section. Since
> everything after the base system is highly dependenct on user
> requirements, and since this is intended to be an educational book, it
> seems only proper to put things in the relevant sections. Any one else
> have an opinion on this?
Personally, I don't feel a hardened *server* class machine should be
allowed to connect *out* via ssh...for example my firewall will allow
limited (s/key one time password based, internal only) access into the box
for an unprivileged user, but the actual ssh client binary and
configuration files are removed.
If someone does get into the machine, they aren't going to get much
further...(since all compilers, et all are also gone, r\o fs, etc).
More information about the hlfs-dev