Date: Thu, 20 Jan 2000 10:44:18 -0500 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: NoCoN FLiC <jslat@hotmail.com> Cc: jonf@revelex.com, freebsd-security@FreeBSD.ORG Subject: Re: ssh. Message-ID: <20000120104418.A72685@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <20000120093017.18539.qmail@hotmail.com>; from jslat@hotmail.com on Thu, Jan 20, 2000 at 09:30:17AM %2B0000 References: <20000120093017.18539.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 20, 2000 at 09:30:17AM +0000, NoCoN FLiC wrote: > > > > >And someone who breaks in can easily fake that email. > > > >My personal solution (I know you are all dying for it)? > > > >Make sure root's .ssh directory is watched _very_ closely by > >Tripwire. Setup Tripewire to use read-only media (e.g. write > >protected floppy). > >-- > > For what need, would one have to even remotely Logon to the root account, > my advice to to not even have a ~/root/.ssh to begin with. > to me it's about as silly as ~/root/.rhosts. Automated dumps over the network is what I use it for. And before anyone says it, don't tell me to use Amanda unless you have very specific arguments why it would be any more secure than SSH. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000120104418.A72685>