Call for testing for 3.5 OpenSSH
Lacoss-Arnold, Jason
Jason.Lacoss-Arnold at AGEDWARDS.com
Fri Sep 27 00:53:11 EST 2002
It's an organizational value, not a personal one. It's much harder to get
an exception from way on high to turn off password aging on 500 unix servers
than it is to just turn off privsep.
-----Original Message-----
From: Damien Miller [mailto:djm at mindrot.org]
Sent: Thursday, September 26, 2002 8:31 AM
To: Lacoss-Arnold, Jason
Cc: 'Darren Tucker'; Jeff Koenig; Portable OpenSSH
Subject: RE: Call for testing for 3.5 OpenSSH
On Thu, 2002-09-26 at 23:14, Lacoss-Arnold, Jason wrote:
> For whatever its worth, we're doing the same thing with no problems so
far.
> We turned the auth-pam stuff on and privsep off. We'd love to use
privsep,
> but usable password aging is more important.
You are so wrong...
How many break-ins are achieved by guessed passwords?
How many by exploiting bugs in server software?
-d
***********************************************************************************
WARNING: All e-mail sent to and from this address will be received or
otherwise recorded by the A.G. Edwards corporate e-mail system and is
subject to archival, monitoring or review by, and/or disclosure to,
someone other than the recipient.
************************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020926/b942bce5/attachment.html
More information about the openssh-unix-dev
mailing list