Date: Thu, 20 Jan 2000 19:39:54 +0900 From: sen_ml@eccosys.com To: freebsd-security@FreeBSD.ORG Subject: Re: ssh. Message-ID: <20000120193954V.1000@eccosys.com> In-Reply-To: <20000120093017.18539.qmail@hotmail.com> References: <20000120093017.18539.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
jslat> For what need, would one have to even remotely Logon to the jslat> root account, my advice to to not even have a ~/root/.ssh to jslat> begin with. to me it's about as silly as ~/root/.rhosts. i won't be surprised if others mention that it is not always practical to do what you suggest. i beg to differ on the point that it is about as silly as ~/root/.rhosts -- .rhosts is far worse in my opinion. to elaborate just a bit, there are situations in which people might not have physical access (at least not frequently, and sometims even close to never) to the machiness which they administer. root access by ssh (in certain configurations) can provide a practical approach (compared to the alternatives) depending on one's situation. i know some setups where people establish an out-of-band connection (say, via serial lines) to each machine they administer from a single machine which is not connected to the network. however, even this is not always possible or practical -- distance, time, budget, etc. constraints. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000120193954V.1000>