Call for testing for 3.5 OpenSSH

Lacoss-Arnold, Jason Jason.Lacoss-Arnold at AGEDWARDS.com
Fri Sep 27 00:53:11 EST 2002


It's an organizational value, not a personal one.  It's much harder to get
an exception from way on high to turn off password aging on 500 unix servers
than it is to just turn off privsep.

-----Original Message-----
From: Damien Miller [mailto:djm at mindrot.org]
Sent: Thursday, September 26, 2002 8:31 AM
To: Lacoss-Arnold, Jason
Cc: 'Darren Tucker'; Jeff Koenig; Portable OpenSSH
Subject: RE: Call for testing for 3.5 OpenSSH


On Thu, 2002-09-26 at 23:14, Lacoss-Arnold, Jason wrote:
> For whatever its worth, we're doing the same thing with no problems so
far.
> We turned the auth-pam stuff on and privsep off.  We'd love to use
privsep,
> but usable password aging is more important.

You are so wrong...

How many break-ins are achieved by guessed passwords? 

How many by exploiting bugs in server software?

-d


***********************************************************************************
WARNING:  All e-mail sent to and from this address will be received or
otherwise recorded by the A.G. Edwards corporate e-mail system and is
subject to archival, monitoring or review by, and/or disclosure to,
someone other than the recipient.
************************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020926/b942bce5/attachment.html 


More information about the openssh-unix-dev mailing list