Date: Thu, 27 Jan 2000 15:11:26 -0800 (PST) From: Todd Backman <todd@flyingcroc.net> To: Sheldon Hearn <sheldonh@uunet.co.za> Cc: Todd Backman <todd@mail.flyingcroc.net>, Bill Swingle <unfurl@dub.net>, security@FreeBSD.ORG Subject: Re: root authorized_keys ignore? Message-ID: <Pine.BSF.4.10.10001271508060.62037-100000@security1.noc.flyingcroc.net> In-Reply-To: <1573.948954524@axl.noc.iafrica.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You are correct. I was looking for an interim solution to the problem until I get through all of my other projects before digging into kerberosV for our 250+ machines... aaaakkkk! I was just hoping I missed something in sshd_config. Thanks for the tips! - Todd On Thu, 27 Jan 2000, Sheldon Hearn wrote: > > > On Wed, 26 Jan 2000 12:08:34 PST, Todd Backman wrote: > > > just the use of authorized_keys... just want to combat the > > "lazy-admin-syndrome" ;^) > > Actually, it looks like you're trying to work around existing laziness, > rather than stomp on it. So far, all the suggestions I've seen offered > in public are not fool-proof. :-) > > Just disable root logins with ssh altogether and have your admins log in > with user accounts and su to root. > > Ciao, > Sheldon. > ========================================================================== Todd Backman <todd@flyingcroc.net> "the only limitations people Security Officer have are the ones we put Flying Crocodile, Inc. upon ourselves." -me Seattle, WA "chaos is a good teacher..." ========================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10001271508060.62037-100000>