Forum OpenACS Q&A: Response to Help! no SSH Telnet Access

Posted by S. Y. on
The intent of my second post was not to start an OS jihad.

About Linux kernels not being QA-ed revolves around the stuff at (and mirrors). Certainly the major distributions put in a certain amount of effort in QA-ing their releases, but there are only varying degrees of out-of-the-box security in Linux distros and nothing that anyone should ever expect to be sufficient for a production server live on the 'net. This is meant to scare anyone away from Linux, but it's simply a wakeup call/caveat emptor.

I wouldn't be surprised if OpenBSD is more secure than a fresh install of whatever Linux distribution, but there's a certain amount of security aptitude necessary to bring both boxes up to production level security in both cases. OpenBSD gives the sysadmin a head-start, but a competent UNIX sysadmin should/must be able to get a Linux/Solaris/IRIX/whatever box up to the same level; you just start at different places on that path depending upon your choice of OS poison.