[CentOS] Security advice, please

Anne Wilson cannewilson at googlemail.com
Wed Dec 24 19:03:17 UTC 2008


On Wednesday 24 December 2008 17:43:19 Bill Campbell wrote:
> In summary, I would be extremely reluctant to allow access from public
> machines where there is no assurance how much malware is running on top of
> the Microsoft virus, Windows.  

When I said that I had used hotel computers I meant for using a web interface 
only.  The problem with that is that they usually have only IE, which I don't 
trust.

> It's very easy to revoke authorized_keys or
> OpenVPN access for a lost or stolen laptop.  Allowing password access by
> any means opens up a large can of worms.

The only password access that is happening is when kmail reads from my imap 
server.  I toyed with the idea of using ssh access to all my files, but 
watching the logs for a very short time convinced me that that's something 
that is not worth while.  (No-one got in, but in that short time there were 
plenty of attempts.)  I know it can be done securely, but it's not 
straightforward, and in truth there aren't so many documents that I'm likely 
to want to access while I'm away.  I have sufficient local storage, too, that 
I can use termporarily and transfer when I get home.

I have no need to open up all sorts of services.  I just need to feel that I 
have taken all reasonable precautions.

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20081224/ca567a1f/attachment.sig>


More information about the CentOS mailing list