From owner-freebsd-questions@FreeBSD.ORG  Fri May  2 02:41:51 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 972F237B401
	for <freebsd-questions@freebsd.org>;
	Fri,  2 May 2003 02:41:51 -0700 (PDT)
Received: from web.ngs.ru (web.ngs.ru [212.164.71.11])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 61E3E43FB1
	for <freebsd-questions@freebsd.org>;
	Fri,  2 May 2003 02:41:50 -0700 (PDT)	(envelope-from anyher@ngs.ru)
Received: from [212.164.71.24] (HELO intranet.ru)
  by web.ngs.ru (CommuniGate Pro SMTP 4.0.6)
  with ESMTP id 19463131; Fri, 02 May 2003 16:41:47 +0700
Received: from [212.109.198.46] (HELO julia)
  by intranet.ru (CommuniGate Pro SMTP 3.4.8)
  with ESMTP id 64761455; Fri, 02 May 2003 16:41:48 +0700
Date: Fri, 2 May 2003 16:45:54 +0700
From: =?Windows-1251?B?9fPl8PPq?= <anyher@ngs.ru>
X-Mailer: The Bat! (v1.61) UNREG / CD5BF9353B3B7091
Organization: =?Windows-1251?B?0evz5uHgINHv4PHl7ej/INHu8u7i+/U=?=
X-Priority: 3 (Normal)
Message-ID: <176721945.20030502164554@ngs.ru>
To: "Fedder Skovgaard" <fsk@maerskdata.dk>
In-Reply-To: <OFAEF92425.1AC61264-ONC1256D1A.00311AA3-C1256D1A.0032A2DF@mdata.dk>
References: <OFAEF92425.1AC61264-ONC1256D1A.00311AA3-C1256D1A.0032A2DF@mdata.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit
cc: freebsd-questions@freebsd.org
Subject: Re: Being root via ssl
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: =?Windows-1251?B?9fPl8PPq?= <anyher@ngs.ru>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 May 2003 09:41:51 -0000


FS> What is the preferred way of doing this, and is it _really_ dangerous to 
FS> allow root login via ssl ?

   teoreticaly  its  much  more insecure , because ssh *realy* can be
   craced from the same segment of  network , but  if  you works  like
   a ordinar user  , and than do su root (or just su ) root password
   is transmiting  not in first bytes of  data - if  you works some
   time like ordinar user.

   only users  in group 0  can su to root  (by default) im think it's
   preferred to login  and  after is  su to root.
    Also its prefired because you can't do somthing  that will brake your system while
   you an ordinar user ,it not 'fantom menace' :) , specialy when your
   machine  is serving  some clients . You realy  dont need in a
   fullcontrol to read man pages , or using  ports collection (till moment  of
   'make  install' )


-- 
Best regards,
                           mailto:anyher@ngs.ru