[Bug 1576353] Re: install openssh-server by default, prompt for enabling it on server iso install
Colin Watson
cjwatson at canonical.com
Mon May 2 17:44:31 UTC 2016
I'm not sure how that would make any difference at all. The problem is
that it's hard for sshd to maintain the necessary state across multiple
invocations when it's being invoked once per connection rather than
having a master process that can trivially keep track of all the
inter-connection state it needs.
Persisting the necessary state in the filesystem somewhere would no
doubt be in principle possible, but would require careful locking and
such, and would add more code to the pre-authentication attack surface.
Upstream is in general very cautious about such changes, and I think
rightly so. AFAICS even Fedora doesn't do this yet, and one would
normally expect them to be enthusiastic about pushing for
systemd-specific enhancements.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1576353
Title:
Install openssh-server with disabled password auth by default on
servers
Status in Ubuntu CD Images:
New
Status in openssh package in Ubuntu:
Triaged
Bug description:
we want to remove 'cloud-image' seed and join it with 'server' seed.
openssh-server is one of the few (3) packages that are in cloud image and not in 'ubuntu-server'.
We'd like to have the server iso install openssh-server by default and
prompt the user if they want to enable it or not.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-cdimage/+bug/1576353/+subscriptions
More information about the foundations-bugs
mailing list