Date: Tue, 23 Apr 2002 12:22:31 +0200 From: Marco Molteni <molter@tin.it> To: hackers@freebsd.org Subject: Re: Security through obscurity? (was: ssh + compiled-in SKEY support considered harmful?) Message-ID: <20020423102231.9450.qmail@cobweb.example.org> In-Reply-To: <20020423093826.GA58411@mithrandr.moria.org> References: <rwatson@FreeBSD.ORG> <11670.1019530386@winston.freebsd.org> <20020423131646.I6425@wantadilla.lemis.com> <200204231009.51297.j.kossen@home.nl> <20020423183452.M6425@wantadilla.lemis.com> <20020423211359.D48271@cs.waikato.ac.nz> <20020423093826.GA58411@mithrandr.moria.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 23 Apr 2002 11:38:26 +0200, Neil Blakey-Milner <nbm@mithrandr.moria.org> wrote: > On Tue 2002-04-23 (21:13), Joerg Micheel wrote: [..] > > The system has to work right away, when installed out of the box. Period. > > No when's and if's. And don't tell me that X11 is an add-on and luxury. > > We are living in the 21st century. > > There are people who will tell people that still use X11 tcp sockets to > start living in the 21st century. ssh X11 forwarding still works, it's > only the (often much lower security) tcp sockets that are disabled by > default. (And if the "none" cipher is available, the overhead would be > minimal for even the most underpowered machine.) [..] I completely agree with Neil. Being scared by X11 access mechanisms, I always disabled the TCP listen of the X server, and I always used ssh with X forwarding. marco To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020423102231.9450.qmail>