Fwd: modifying the chapter layout

Steve Crosby fost at hotmail.com
Tue Feb 22 01:55:40 PST 2005


Archaic <archaic at linuxfromscratch.org> wrote in
news:20050222084430.GB20914 at linuxfromscratch.org: 

> On Mon, Feb 21, 2005 at 12:11:17AM -0500, Robert Connolly wrote:
>> 

<snip>

>> This way everything has its place. I don't like the idea of two pages
>> for openssh, one for daemon and one for client, because one page can
>> handle both. 
> 
> Yes one page *can* handle both, but their usage is vastly different.
> sshd is a daemon that should be installed in a servers section of the
> book. ssh is a client that should not be in a servers section. Since
> everything after the base system is highly dependenct on user
> requirements, and since this is intended to be an educational book, it
> seems only proper to put things in the relevant sections. Any one else
> have an opinion on this?
> 

Personally, I don't feel a hardened *server* class machine should be 
allowed to connect *out* via ssh...for example my firewall will allow 
limited (s/key one time password based, internal only) access into the box 
for an unprivileged user, but the actual ssh client binary and 
configuration files are removed.

If someone does get into the machine, they aren't going to get much 
further...(since all compilers, et all are also gone, r\o fs, etc).

-- -
Steve Crosby



More information about the hlfs-dev mailing list