[OT] Debian mailinglists [was: RE: Debian or Ubuntu?]

Steve Lamb grey at dmiyu.org
Tue May 20 01:29:43 UTC 2008

Derek Broughton wrote:
> Well, it doesn't strictly need to be GUI, but it has to be a question/answer
> interface - anything that requires you to hand edit is a disaster waiting
> to happen (particularly if it's something like SSH where a misconfiguration
> guarantees you're locked out of your system until you can get physical
> access).

    I call FUD.

{grey at mania:~} ssh teleute
Enter passphrase for key '/home/grey/.ssh/identity':

You have mail.
Last login: Sun May 18 01:17:58 2008 from mania
{grey at teleute:~} root
root at teleute:~# /etc/init.d/ssh stop
Stopping OpenBSD Secure Shell server: sshd.
root at teleute:~# echo look, I'm still here!
quote> '
look, Im still here!

    Meanwhile in another window:

grey at mania:~} ssh teleute
ssh: connect to host teleute port 22: Connection refused

    If anyone blows their SSH configuration and locks themselves out it is
because they didn't test it prior to logging out.  That is their fault, not SSH's.

    In fact webmin is, if anything, more culpable to the problem you
mistakenly think happens with SSH since HTTP is not a stream protocol.  Each
request is evaluated separately so if you screw with your settings and manage
to munge webmin it happens immediately with no testing.

    In fact the only time I have ever sweated my connection to my remote
server was when I was installing knockd and integrating it into shorewall.
Screw up your firewall settings and drop packets from your current host you're
toasted faster than even messing up transactional connections.  For the
record, I screwed the pooch.  Good thing my hosting company, 3000 miles away,
has webmin!  No, wait, no, I ripped that out right away.  Good thing I rented
a VM with an ssh connection directly to the console.  And before that when I
rented a real server I still have an ssh pipe directly to the console.

    FUD, it's not just for Microsoft any more.

         Steve C. Lamb         | But who decides what they dream?
       PGP Key: 1FC01004       |   And dream I do...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20080519/f550738b/attachment.pgp>

More information about the ubuntu-users mailing list