[gpsd-dev] HOWTO: Security
Eric S. Raymond
esr at thyrsus.com
Tue May 24 22:03:51 UTC 2016
Paul Fertser <fercerpav at gmail.com>:
> On Tue, May 24, 2016 at 02:38:23PM -0700, Gary E. Miller wrote:
> > The primary defense is simple, change passwords FIRST.
>
> Or even disable password logins altogether and use ssh keys only. But
> that's not for the HOWTO's target audience, unfortunately.
Actually ./clockbuilder --secure does exactly that. Gary's argument
is that the --secure step should be done first rather than last. It's
somewhat undermined by the fact that under his assumptions even that
isn't good enough.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list