From owner-freebsd-questions@FreeBSD.ORG  Fri Feb  4 01:59:22 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 106B716A4CE
	for <freebsd-questions@freebsd.org>;
	Fri,  4 Feb 2005 01:59:22 +0000 (GMT)
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.205])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5473743D1D
	for <freebsd-questions@freebsd.org>;
	Fri,  4 Feb 2005 01:59:20 +0000 (GMT)
	(envelope-from gert.cuykens@gmail.com)
Received: by rproxy.gmail.com with SMTP id f1so320147rne
	for <freebsd-questions@freebsd.org>;
	Thu, 03 Feb 2005 17:59:19 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references;
	b=DLXvyNa59J2AstTsuGNBPX+LLCMjZOuHcIHxJUh0cua0H4WgZhVTZvQMnstOkaxPW3CguW4xkTKxLtyfAALCafbRsDTmHMVrP9zj5wkRCeUP3oXudC0r2ptobF+1PgcIhNDX3TJ9m8/cd3NR0dr/+qEjtQebxfEc1iCTwyMT/eU=
Received: by 10.38.207.15 with SMTP id e15mr115100rng;
        Thu, 03 Feb 2005 17:59:19 -0800 (PST)
Received: by 10.38.74.23 with HTTP; Thu, 3 Feb 2005 17:59:19 -0800 (PST)
Message-ID: <ef60af09050203175930a30af9@mail.gmail.com>
Date: Fri, 4 Feb 2005 02:59:19 +0100
From: Gert Cuykens <gert.cuykens@gmail.com>
To: FreeBSD questions mailing list <FreeBSD@amadeus.demon.nl>
In-Reply-To: <bf55966e0db107001d1dd92afb1e62e2@amadeus.demon.nl>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
References: <ef60af09050203143220daf9f9@mail.gmail.com>
	 <4202B512.9080306@cis.strath.ac.uk>
	 <ef60af09050203153670e8f27f@mail.gmail.com>
	 <4202BC4E.4090809@cis.strath.ac.uk>
	 <ef60af090502031604391fcbd6@mail.gmail.com>
	 <bf55966e0db107001d1dd92afb1e62e2@amadeus.demon.nl>
cc: freebsd <freebsd-questions@freebsd.org>
Subject: Re: ssh default security risc
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Gert Cuykens <gert.cuykens@gmail.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Feb 2005 01:59:22 -0000

On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
<FreeBSD@amadeus.demon.nl> wrote:
> You really need to look at it from a different point of view...
> If you want to prevent people from breaking into your car you lock the
> doors.
> Don't say "If they break the locks and get in, I can't use my key
> anymore. So keep the doors unlocked", do you?
> My point of view...
> Arno
> 

I like this point of view game :)

How many locks are there in your car, lets say ever user has a lock
the trunk the left and the right door. Now imagine your little kit
waving to you behind the windows. You want to kick his butt because he
broke your brand new television set. You cant go in your car because
he pushes on the lock button so you can't turn the key. To make things
wurse your kid is trying to play with the root engine but he can't get
the engine to start. Enabeling the ssh root is like having the remote
car key that opens every door at once so you can get in to kick his
butt :)