[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gpsd-dev] HOWTO: Security
From: |
Gary E. Miller |
Subject: |
Re: [gpsd-dev] HOWTO: Security |
Date: |
Tue, 24 May 2016 15:13:31 -0700 |
Yo Eric!
On Tue, 24 May 2016 18:03:51 -0400
"Eric S. Raymond" <address@hidden> wrote:
> > Or even disable password logins altogether and use ssh keys only.
> > But that's not for the HOWTO's target audience, unfortunately.
>
> Actually ./clockbuilder --secure does exactly that. Gary's argument
> is that the --secure step should be done first rather than last. It's
> somewhat undermined by the fact that under his assumptions even that
> isn't good enough.
I do not want the best to be the enemy of the better. I'll settle for
the next small improvement.
I admit to have a sore spot on getting a good password in first. I have
seen many times a box hacked by a default passwword before people get to
the end of an install procedure to change it. In one case I watched
the same team, doing the same install, over and over again, and getting
hacked each time. They spent a full day on a 30 min procedure and
never completed.
My own host logs, for today, shows some hours of 3 or more attempts on
user pi. So, if the entire install procedure takes 30 mins, there is
a pretty good chance that pi gets hacked before the password chage at the
end.
Fool me once, shame on you, fool me twice, shame on me.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
address@hidden Tel:+1 541 382 8588
pgprmm5SCropJ.pgp
Description: OpenPGP digital signature
- Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up, (continued)
- Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up, Gary E. Miller, 2016/05/24
- [gpsd-dev] HOWTO: Security, Hal Murray, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Gary E. Miller, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Gary E. Miller, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Paul Fertser, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security,
Gary E. Miller <=
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Gary E. Miller, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Kurt Roeckx, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Gary E. Miller, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Hal Murray, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Hal Murray, 2016/05/24
- Re: [gpsd-dev] HOWTO: Security, Eric S. Raymond, 2016/05/24