This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: SuSe Linux Reviewed From: Ray Dillinger <bear@sonic.net> Date: Wed, 25 Oct 2000 00:10:41 -0700 (PDT) I've been using RedHat for a couple years now, and I was happy with it. I started with Debian, but -- while Debian has a lot of stuff, a lot of it wasn't very good and wasn't very well organized, at least at the time. I was a linux newbie at the time, so I didn't really have the expertise that would have been required to get the most out of Debian. So when I switched to RedHat, it was a move that made me happier. I guess I never really got past the configuration headaches with Debian, but with RedHat I could get over the hump. But recently, about the time redhat 6.1 came out, I had another box which I was adding to my home network (it's for development - I need 2 development boxes now that I'm doing network stuff) and I went off to the store in search of RH 6.1 intending to upgrade the two boxes I had already and install on the one I had just got. However, at circuit city they were *out* of Redhat 6.1, and someone handed me a box of SuSe linux 6.4. So I went "what the heck, I'll try another flavor...more platforms to test on can't hurt, let's see if I can make it work on RH *and* SuSe." So at home, I set up the new box on SuSe and left the old ones on RedHat. I have to admit, I'm really impressed with it so far. If you tell it you want to do network and development, SuSe installs with a HUGE array of network and development tools. Its installer understands my hardware (well, most of it anyway -- I had to have an earnest conversation with Xconfig about my NEC multisync 3fgx monitor). Picked up the sound and video cards without a blip, and configured them correctly. Did the disk partitioning correctly, putting root, boot, and swap inside the 1024-cylinder barrier (which I had to convince the RedHat 6.0 installer to do by hand-partitioning my disk). It also gave a really nice set of install options: you can make decisions at high level (Install "almost everything", "average", or "minimal") or at a medium level (augment my "average" install with the source code and "almost everything" in the networking and development categories), or straight down to package-by-package level - with handy help messages and real-time warnings about package interactions and incompatibilities where appropriate. It installs half-a-dozen different desktop environments, and they are all correctly configured straight out of install (which compares with RedHat getting really flaky and rigid if I chose anything that wasn't Gnome). Right now I'm using K and I really *really* like the K development environment that comes with it -- users of a certain $600 product by a company which shall remain nameless will feel right at home. Plus, there's just a huge amount of *STUFF*!! SuSe comes on 6 CD's, and it preinstalls every application under the sun if you tell it to. With RedHat, you find yourself constantly going to the web to get this or that or the other thing. But the SuSe box, if you have the disk space, installs with enough applications and toys to be a complete system within itself, and doesn't actually need the web to make sense. It has actually become my new favorite workstation. One thing I disliked about RedHat was the way it was constantly trying to dial my modem whenever I wanted to read the documentation on some things -- CD's are cheap, disk space is cheap, why didn't it just install all of the dang docs? Haven't had that problem YET with the SuSe systems. One thing that RedHat has on Suse is that the RH configuration of the networking software is maybe a little better. Suse's is competent, but it's not performance tuned the way RH's is -- Of course, both distributions come with everything you need to set up a killer internet server, but there's a little less handtweaking necessary to get best performance out of RedHat. Anyway -- just wanted to say I'm *really* impressed. I think I'm going to go on getting SuSe in the future. :-) And yeah, I'd recommend it to a friend. ==== Subject: Re: SuSe Linux Reviewed From: Deirdre Saoirse <deirdre@deirdre.net> Date: Wed, 25 Oct 2000 11:52:33 -0700 (PDT) On Wed, 25 Oct 2000, Ray Dillinger wrote: > I have to admit, I'm really impressed with it so far. If you tell it > you want to do network and development, SuSe installs with a HUGE > array of network and development tools. SuSE is the "licenses? Collect the whole set!" distribution. I like it myself. > Anyway -- just wanted to say I'm *really* impressed. I think I'm > going to go on getting SuSe in the future. :-) And yeah, I'd > recommend it to a friend. It's been my favorite since giving up on red hat a few years ago. That said, I use RH at work and like it too. (Btw, I'm one of the co-authors of _SuSE Linux Unleashed_ from Sams) === Subject: RE: SuSe Linux Reviewed From: "Daevid Vincent" <DayWalker@TheMatrix.com> Date: Wed, 25 Oct 2000 13:17:02 -0700 Anyway -- just wanted to say I'm *really* impressed. I think > I'm going to go on getting SuSe in the future. :-) And yeah, I'd > recommend it to a friend. Does SuSe use RPM packages -- the same ones that RH uses, hence if I go to a site and they only show the RH RPM or Debian, will the RH package work? How different is the directory structure from a RH install? How easy is it to upgrade an existing SuSe system to the 'next version' when it comes out? Can I _upgrade_ my RH6.2 server to SuSe, or do I need to install from scratch? Does it have something simmilar to "autorpm", to automatically get upgrades and patches? How secure is it compared to RH or other distros for a real server (apache, mysql, mail, ftp)? Does it come with any encryption (SSL or SSH) stuff? === Subject: RE: SuSe Linux Reviewed From: Ray Dillinger <bear@sonic.net> Date: Wed, 25 Oct 2000 16:00:15 -0700 (PDT) On Wed, 25 Oct 2000, Daevid Vincent wrote: >> Anyway -- just wanted to say I'm *really* impressed. I think >> I'm going to go on getting SuSe in the future. :-) And yeah, I'd >> recommend it to a friend. > >Does SuSe use RPM packages -- the same ones that RH uses, hence if I go to a >site and they only show the RH RPM or Debian, will the RH package work? Yes, they use RPM packages and the RPM software. >How different is the directory structure from a RH install? No substantial differences, at least not that I've noticed. Everything seems to be in the same place. >How easy is it to upgrade an existing SuSe system to the 'next version' when >it comes out? Dunno, I haven't yet. I did see the option on the installer to perform an upgrade, but so far I haven't had occasion to use it. >Can I _upgrade_ my RH6.2 server to SuSe, or do I need to install from >scratch? My impression is that the installer doesn't recognize other distributions - I could be wrong about that, I haven't had occasion to "convert" a machine yet. I do know that when I tried to include the standard kernel sources (the same ones redhat uses are distributed with SuSE) I got a warning about a possible conflict with SuSE kernel sources, which apparently have some patches etc from the standard edition. I haven't yet investigated the differences, but I have noticed that file and disk access seems smoother. >Does it have something simmilar to "autorpm", to automatically get upgrades >and patches? Yes. >How secure is it compared to RH or other distros for a real server (apache, >mysql, mail, ftp)? There is an RPM that comes with it called "Hard-SuSE" which is described as "Enhances security by disabling unnecessary internet services and reconfiguring some others." I mention this to be fair - as far as I know it is quite secure with this package installed. But I chose not to install it until someone convinces me that it agrees with me about what is unnecessary and what reconfiguration should be done, so I am hardening my system "by hand", one configuration at a time. In the default installations I've seen so far, there are several things that I find questionable from a security POV. Perhaps the most egregious I've seen so far is their setup of Apache. There is lots of documentation in the server directory, including some files that give information useful to attackers (telling all about the install directory structures, security measures, and the (rather weak) cryptographic algorithm securing /etc/password for example, as well as usage stats and other valuable information from the cgi-bin directory). It's not configured to limit that to local-viewing only - instead it relies on a "robots.txt" file to try to make it invisible to the outside world. Can you fix it? Yes. Is it something that could help a cracker if you don't remember to? Yes. *sigh.* But, really, I haven't seen *MAJOR* holes - the network stuff is all done with competence, if sometimes without excellence. >Does it come with any encryption (SSL or SSH) stuff? :-) Yes. One of the things I'm considering with it is an "email for paranoids" server -- providing anonymous eddresses which accept encrypted email only. It has all the necessary parts, but putting something like that together in a secure way is going to be a major challenge. ====