|
Full Disclosure
mailing list archives
Re: Ubuntu 11.10 now unsecure by default
From: Olivier <feuille () bibibox fr>
Date: Thu, 17 Nov 2011 21:52:14 +0100
On 11/17/2011 08:34 PM, Ryan Dewhurst wrote:
Are there any other services this may effect?
The question could also be how many features like this are (will be?)
silently enabled by default on new Ubuntu systems.
"Perfect for business use, Ubuntu is safe, intuitive and stable" --
http://www.ubuntu.com/business
Ubuntu is clearly no more recommended for business use. End users will
have to become security experts to avoid teenager's attacks ... shameful
On Thu, Nov 17, 2011 at 7:18 PM, Andrew N Dowden
<andrew_dowden () softdesign net nz
<mailto:andrew_dowden () softdesign net nz>> wrote:
On 18/11/11 23:46, Larry W. Cashdollar wrote:
Anyone know what the default is for Ubuntu 11
PermitEmptyPasswords no
PasswordAuthentication no
in /etc/ssh/sshd_config?
for Ubuntu 11.10 (Oneiric)
snip: ( from */etc/ssh/sshd_config* )
--
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
--
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
--
--
Olivier
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: Ubuntu 11.10 now unsecure by default, (continued)
(Thread continues...)
| 
