[ previous ] [ next ] [ threads ]
 From:  "Eric Shorkey" <eshorkey at commonpointservices dot com>
 To:  "Derek Quenneville" <techknight at gmail dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] ssh console?
 Date:  Sun, 4 Jul 2004 01:12:56 -0400
I would recommend that adding SSH access be controlled via a check box in
the advanced menu. Default it to "off", and let the users decide if they
really need ssh access. If the setting is set to "off", then don't even
start the ssh server daemon. If there's an obvious use for a feature (like
SSH access), and an obvious demand for such a feature, and adding such a
feature is as easy as adding ssh support would be, then why should a
philosophy get in the way of doing something that is such a good match? If
the design decision for not having ssh access is because of security, just
remember that it's still a hell of a lot more secure than exec.php being
protected by http's weak authentication scheme. It it was a size issue, then
I could understand it, but ssh isn't really that big if you compile it from
source with intelligent switches.

If it were my project, ssh access would be in like flynn, but it's not, so
we'll see what Manuel does with this newfound surge of ssh support requests.

----- Original Message ----- 
From: "Derek Quenneville" <techknight at gmail dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Saturday, July 03, 2004 10:26 PM
Subject: Re: [m0n0wall] ssh console?

> > > It should be noted that this is a specific design decision made by
> > > and that it's pretty firm.
> <snip!>
> > Well, I can think of a few things: :-)
> > 1) Do things that you might do with exec.php but can't because they may
> > generate too much output or hang up for too long.
> <snip!>
> Personally, I like the philosophy behind m0n0wall's design.
> However, if you really need SSH and extra stuff on there, you could
> always switch to IPCop ( http://www.ipcop.org/ )
> -- 
> # Derek Quenneville
> # techknight at gmail dot com
> # http://www.gameslifeandstuff.com
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch