Jim Higson wrote (about SSH):
> Out of curiosity, how much does it really matter so long as you have strong
> passwords?
>
> If security holes are discovered in ssh, then sure, someone who knows what
> they're doing might be able to gain access. But then someone qualified enough
> to find new holes in ssh won't be targeting my desktop box, or the http
> server for a small buisines.
>
> In general isn't ssh pretty secure, and aren't security fixes normally issued
> before the script kiddies get hold of an exploit?
Yes.
But how quick are you on the patch?
If you're going to configure yum to automatically install new versions,
you're *probably* OK. If you leave installing patches until you've had a
chance to manually review them, and go away for a week or two, and a
patch comes out the first Monday you're away...
(And it's always possible for your yum mirror to be taken off-line on
the Sunday: always configure at least two mirrors if you want unattended
operation. And *check your logs!*)
Security is never an absolute: what you are doing is managing risk. In
this case, there is very little risk (with decent passwords), but there
is some.
James.
--
E-mail address: james | ... taking out three "redundant" fiber backbones
@westexe.demon.co.uk | buried in the same trench with a backhoe.
| Why they buried the backhoe there, I'll never know.
| -- Bruce Tomlin
