IRC Logs for #crux-devel Monday, 2009-06-15

aon08:12 -!- arnuld [n=arnuld@unaffiliated/arnuld] has joined #ratpoison00:27
*** mike_k has joined #crux-devel02:46
*** mike_k_ has joined #crux-devel04:47
*** mike_k has quit IRC04:49
*** mike_k_ has quit IRC06:27
*** jtnl has joined #crux-devel06:37
*** jtnl has quit IRC06:52
*** sepen has joined #crux-devel07:35
jaegerheh, I guess turning off ssh password logins did surprise someone08:07
jaegernamely charlie08:07
*** treach has joined #crux-devel08:50
*** mike_k has joined #crux-devel08:59
*** Rotwang has joined #crux-devel10:05
tilmanjust saw that10:25
tilmando the pros allow root login via ssh?10:31
treachdepends on what you mean with "pro". :P10:33
tilmanpeople doing systems administration as their profession :>10:33
treachpurported "professionals" do a lot of bad stuff they shouldn't do.10:33
tilmanjaeger: i prefer to not allow root logins. your opinion?10:34
treachso, I'm sure there are a lot of "pros" who allow it, but I'd definitely advice against it..10:34
sepenI'm working as system administrator for our license/product servers and I never do that10:34
sepenonly key access as admin user10:35
treachif only more admins were like that. :>10:35
tilmantek_: maverick contacted me. i replied (incl quotes); check out the ml10:35
treachtilman: I guess the correct answer is "competent pros doesn't allow root login" :)10:36
tilmanthought so :D10:37
treachespecially since you can't bloody well block it for trying too many times :P10:37
jaegertilman: I only have root logins allowed on a few machines and only have access to them via ipsec tunnels10:38
jaegergenerally I would not allow it10:38
prologicI don't even allow normal password access to my systems10:38
prologickey only10:38
tilmanthis isn't about password-vs-keys10:39
tilmanjaeger: thanks10:39
prologicno I know that10:39
prologicbut I disable root access as well :)10:39
prologicon anything10:39
mike_kjaeger: btw, do you have a functioning config for ipsectools/racoon or just static keys? my port does not provide that config as I never tried it.10:42
jaegermike_k: our ipsec tunnels are handled by pfsense (freebsd) but I could probably dig into the config if you need some info or something10:43
mike_kjaeger: ah, no need. I just had hard time to find a working config by the time the port was created.10:44
tek_yeah, tilman.  :)10:44
*** Rotwang1 has joined #crux-devel10:52
*** Rotwang has quit IRC10:55
*** sepen has quit IRC11:17
*** sepen has joined #crux-devel13:09
*** Rotwang1 is now known as Rotwang14:07
*** jtnl has joined #crux-devel14:44
*** sepen has quit IRC15:02
*** Rotwang has quit IRC15:08
*** Rotwang has joined #crux-devel15:10
*** Rotwang has quit IRC15:14
*** mike_k has quit IRC17:15
*** clb has joined #crux-devel19:54
*** mike_k has joined #crux-devel23:17
*** mike_k has quit IRC23:37

Generated by 2.11.0 by Marius Gedminas - find it at!