Cisco UCS – set SSH idle-timeout

FI# terminal session-timeout <n>
0-525600 Terminal Time Out (in minutes)

Of course, setting to „0“ which is disabling the timeout is for productive devices all, but no good practice ūüėČ

… but handy in isolated Lab environments.

Scope of this Blog

I just gave someone the advice without being asked (ignoring all i know about „nonviolent communication“ – sorry for that!) to include a „Scope“ in his blog:

  • he wrote an article how to setup a Raspberry-Pi but skipped all security considerations about how to setup a productive computer system.

I assume

  • many readers of his blog don’t have a clue how to harden a linux-operated Raspberry-Pi.

I assume:

  • those readers need at least a hint:
    • „there are additional steps required“
  • or even better, concrete advice:
    • „what to do next“ – maybe in a follow-up article.

How many people are part of a bot-net since the’ve been following incomplete internet blogs?

I should read my own book?

Of course, my blog lacks a scope, too – i’ll prioritize this on my todo-list.

I think, it might be worthful to never forget or ignore security considerations according to RFC 2223 Section 9 https://tools.ietf.org/html/rfc2223#page-11:

   All RFCs must contain a section near the end of the document that
   discusses the security considerations of the protocol or procedures
   that are the main topic of the RFC.

Those guys had to learn it the hard way since „all“ protocols defined by IETF-RFC where inherently insecure. DNS? TFTP? FTP? Security? Not part of the „Scope“ ūüėČ

I’d like to propose:

   All Blog-Articles must contain a section near the end of the document that
   discusses the security considerations of the procedures
   that are the main topic of the Blog-Article.