Date: Tue, 3 Jan 2017 14:18:52 +0000 From: Mike Clarke <jmc-freebsd2@milibyte.co.uk> To: freebsd-questions@freebsd.org Subject: Re: how to allow user toor login through ssh Message-ID: <20170103141852.33e53a9a@curlew.lan> In-Reply-To: <CAOc73CCc_Yj_qAw2riDft=KdeNoKmHgOQOkeTLdse2pom_35FQ@mail.gmail.com> References: <5869ADFB.6080000@gmail.com> <20170102024359.aa82ae3e.freebsd@edvax.de> <5869F77D.5050106@gmail.com> <20170102172615.516dc912.freebsd@edvax.de> <CAOc73CCc_Yj_qAw2riDft=KdeNoKmHgOQOkeTLdse2pom_35FQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 3 Jan 2017 19:15:54 +0800
Ben Woods <woodsb02@gmail.com> wrote:
> The openssh daemon prevents login as root or toor (any user with UID 0) in
> the default configuration that ships with FreeBSD.
>
> This can be adjusted by setting the following in /etc/ssh/sshd_config:
> PermitRootLogin yes
>
> Note however, that it is not generally advisable to allow root or toor
> login via ssh, as this is a frequently attempted username for script
> kiddies and bots running random brute force attacks. Tread wisely.
If you intend to allow remote access for root via ssh then you're safer
to generate good secure ssh keys and then configure sshd to enforce
key-based authentication as the only login method by including the
following in /etc/sshd/sshd_config
PermitRootLogin without-password
--
Mike Clarke
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170103141852.33e53a9a>