From owner-freebsd-questions@FreeBSD.ORG Wed Jun 1 22:44:08 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CEA6816A41C for ; Wed, 1 Jun 2005 22:44:08 +0000 (GMT) (envelope-from rickjpreston@gmail.com) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6874B43D53 for ; Wed, 1 Jun 2005 22:44:08 +0000 (GMT) (envelope-from rickjpreston@gmail.com) Received: by rproxy.gmail.com with SMTP id a41so29808rng for ; Wed, 01 Jun 2005 15:44:07 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jYWvarjCXv7tT8Ao7ivqEmrtq3NaA3jarNVK46ok23RlIDu2rx2mj2sIlQxVCo9fyyRlPSq+bY8+6QxK9WmFE/vAiRcocM1ncQTOMFeJtut3LUwX9EyBZUqStpByOp4kp9kxdtGn0pFpedzUNaJuT0sJP61X7bKrGg5APw92gA4= Received: by 10.38.67.44 with SMTP id p44mr157814rna; Wed, 01 Jun 2005 15:44:07 -0700 (PDT) Received: by 10.38.151.32 with HTTP; Wed, 1 Jun 2005 15:44:07 -0700 (PDT) Message-ID: Date: Wed, 1 Jun 2005 18:44:07 -0400 From: Rick Preston To: Steven Friedrich In-Reply-To: <200506011757.57097.FreeBSD@InsightBB.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <200506011449.45455.FreeBSD@InsightBB.com> <429E0B57.2070701@scls.lib.wi.us> <20050601203839.GH21127@gentoo-npk.bmp.ub> <200506011757.57097.FreeBSD@InsightBB.com> Cc: freebsd-questions@freebsd.org Subject: Re: can't figure out ssh, read lots of docs... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Rick Preston List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jun 2005 22:44:08 -0000 I just want to add a little about allowing root login over ssh and using common user names as login names if I may. I just left an admin job where we were running a live server and I used to read the log files everyday. The number of brute force attempts to login in to sshd was staggering sometimes over 700 attempts in a day from many different locations.(usually script kiddies) I had the only user account so it wasn't my users making mistakes. 90%+ of the attempts were for the root account. The other 10% were for common names like steven, rick, and paul the list goes on. So I would recommend that you keep root login disabled and don't use common names for login names. Most people where setting up scripts to block the offending attacker. Not to mention every security document or site I have ever read has said "Don't allow remote root login" Thanks for letting me spew, Rick On 6/1/05, Steven Friedrich wrote: > Thanks to Nathan Kinkade, Roland Smith, Greg Barniskis, and Rick Preston = for > the replies. Each gave me quite a bit of info and I'm still digesting it= . >=20 > I've been successful using ssh-agent, though I have to enter the passphra= se > each time I run my script. That's really only an annoyance now because I= 'm > developing the script and have to enter it often. That goes away when the > script is stable. >=20 > I've been using ssh to login to my local machines for quite some time and > never realized I didn't have it set up quite right, because it was asking= for > a passwd, which means all other means failed. >=20 > What I did notice though, is that I can't login as root using ssh. I hav= en't > found this mentioned in the man pages. >=20 > Anybody know where it's documented, whether it can be changed, and would = that > be a colossal mistake? >=20 > I mean, hey, it's a secure shell, why can't I login as root? >=20 > The reason I want to use root is because I'm trying to scp /etc/master.pa= sswd > from each of my four machines so I can write them to a CD for backup. >