Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 24 Jul 2007 15:42:53 -0400
From:      "Hakan K" <dominor@gmail.com>
To:        Pollywog <lists-fbsd@shadypond.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: connecting user root with ssh
Message-ID:  <105fa37b0707241242t432ef3a2ufc5b0473d558dfe4@mail.gmail.com>
In-Reply-To: <200707241927.38359.lists-fbsd@shadypond.com>
References:  <11066.217.114.136.135.1180427946.squirrel@llca513-a.servidoresdns.net> <465d3e9e.uyoP2YaUttmVs6ON%perryh@pluto.rain.com> <20070724213326.5e8aa27d@localhost> <200707241927.38359.lists-fbsd@shadypond.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
How can I change the ssh port?



Thanks
Troy
http://dominor.com

On 7/24/07, Pollywog <lists-fbsd@shadypond.com> wrote:
>
> On Tuesday 24 July 2007 11:33:26 Norberto Meijome wrote:
> > On Wed, 30 May 2007 02:06:38 -0700
> >
> > perryh@pluto.rain.com wrote:
> > > * If "root" cannot log in remotely, a cracker has to guess three
> >
> > guess or brute force - so  quite long random passwords (or ssh keys) are
> > extremely recommendable.
> >
> > >   things to obtain root access, instead of just one:
> > >
> > >   + A valid username which is in the "wheel" group;
> > >   + That user's password;
> > >   + The root password.
> >
> > that is assuming, of course, that the user your just logged in with
> belongs
> > to wheel.
>
> If one must allow root logins via ssh, I recommend in sshd_config:
>
> PermitRootLogin without-password
>
> This will force the use of a passphrase and disallow root login with just
> a
> password.
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe@freebsd.org"
>



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?105fa37b0707241242t432ef3a2ufc5b0473d558dfe4>