From owner-freebsd-questions@FreeBSD.ORG Thu Jul 13 15:09:33 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BAABE16A4DF for ; Thu, 13 Jul 2006 15:09:33 +0000 (UTC) (envelope-from freebsd.ph@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 27E3A43D83 for ; Thu, 13 Jul 2006 15:09:20 +0000 (GMT) (envelope-from freebsd.ph@gmail.com) Received: by ug-out-1314.google.com with SMTP id o2so325233uge for ; Thu, 13 Jul 2006 08:09:19 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=TyEP8fZdeDX4OU9zwxfRql4XutifrI1SfqHWsqYWyHeD+8bb+RV160VHkiptRg6LbCZKphIoaqDpaEjm9NJN+LeBIzclo57mWJn+8Y7NG05SlY5ziSGf7E4dVUQr4a9QEKsTOssMF5LEYAHLlyWCElU3pMUWJt5a9Rdwl4EdyfI= Received: by 10.78.138.14 with SMTP id l14mr708891hud; Thu, 13 Jul 2006 08:09:19 -0700 (PDT) Received: by 10.78.141.18 with HTTP; Thu, 13 Jul 2006 08:09:19 -0700 (PDT) Message-ID: Date: Thu, 13 Jul 2006 23:09:19 +0800 From: "jan gestre" To: "Jerry McAllister" In-Reply-To: <200607131505.k6DF591r017917@clunix.cl.msu.edu> MIME-Version: 1.0 References: <200607131505.k6DF591r017917@clunix.cl.msu.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Liste FreeBSD Subject: Re: getting rid of apache passphrase X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Jul 2006 15:09:33 -0000 On 7/13/06, Jerry McAllister wrote: > > > > > hello people, > > > > just want to ask if getting rid of the apache passphrase poses a > security > > threat, i don't want the company i worked for calling me up everytime > they > > cant access the webserver because the server is asking for the > passphrase > > everytime the box restarts du to power failure. > > Depends on how good your control of access to the server is. > In my case for example, I control physical access to the machine. > That could be, and has been a problem when I was away and power > went out, to get things back up, so I got rid of the passphrase. > Now, as long as the fsck-s clear at boot time, the server makes > it all the way back up without intervention. > > But, if you have a lot of people running around, even if ignorant, > then you might want to think again about eliminating it. > > It is less likely to be a concern for remote access, but could come > up, especially if someone gets root to your server. Of course, then > all bets are off anyway. > > yeah there are lots of ignorant people here in our organization :D, that > is why all my nix servers are headless since we don't have room to secure > them physically. thanks for your all your opinions :) >