SSH and the Ubuntu Server

[Dustin Kirkland]

Stephan Hermann <sh at sourcecode.de> wrote:
> Moins,
>
> On Thu, 2010-11-18 at 12:24 -0500, Luke Faraone wrote:
>> On 11/18/2010 12:04 PM, Dustin Kirkland wrote:
>> > On Thu, Nov 18, 2010 at 9:30 AM, Colin Watson <cjwatson at ubuntu.com> wrote:
>> >> No, it's not.  In Maverick it was arguably buried.  In Natty, it is the
>> >> very top entry on the tasksel menu, and the cursor rests on it when you
>> >> reach that screen.
>> > [snip]
>> >
>> > I would gladly revise this proposal to simply:
>> >  * Automatically 'tick' OpenSSH Server by default on the Server Tasksel screen
>> >
>> > Which would also sit there and wait for the user to consciously affirm
>> > their selection, and would avoid the countless server installations
>> > where people forget to install SSH and must make their way back to a
>> > console on their newly installed system and add the openssh-server
>> > package.
>>
>> As many people have mentioned, this will cause a surprise for users who
>> click through the install dialogs expecting things to not change since
>> they last used it.
>
> Sorry, but this is something which strucks me, really. When we don't
> change things over time, we will never  have a better user experience.
> When we change something it needs to be documented in a public place
> where everyone interested can read it first hand.

+1

>> Also, since this occurs late in the install process, no dialogs to
>> prompt the user to harden their password can be offered, as others have
>> suggested.
>
> Oh well, we can change that inside the installer as well. Not prompting
> for a user choice, but choosing a hardened password automatically and
> showing it to the user
> mkpasswd --chars=20 --crypt-md5 or whatever should be enough. that's
> only a technical problem easily to solve.
>
>
>> You say there are "countless" installations. I don't think anybody
>> expects SSH to be automatically installed in a new server; it's a
>> service that should be enabled carefully after consideration of your
>> network environment and security needs. I feel that the potential for
>> harm of accidental installation exceeds the increase in convenience from
>> not having to explicitly select the task.
>
> I think we have more installations of RHEL or SLES in the enterprise
> server market, and they do have sshd enabled by default.
> Even when you install an VMWare ESX host, ssh is enabled by default,
> without the questionable root access.

Confirmed this on RHEL6 yesterday.  I installed RHEL6 in multiple
different modes (minimal, default, developer workstation), all of
which a) were running sshd, b) had a root user with a password.

Simply the fact that Ubuntu does not have an active root password by
default means that network attacks via ssh must guess BOTH the
username AND the password.

Choose both wisely and you should be able to repel attacks between the
time that your new Ubuntu Server reboots for the first time and the
time it takes for you to login for the first time and configure
sshd.conf to your liking.  If you're actively working the
installation, we're talking less than 5 minutes.  If you've automated
the deployment via puppet or somesuch, it can be far less than that.

:-Dustin