Date: Tue, 20 Nov 2007 16:20:43 -0800 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: "Julian H. Stacey" <jhs@berklix.org> Cc: freebsd-stable@freebsd.org, "Aryeh M. Friedman" <aryeh.friedman@gmail.com> Subject: Re: Software for distribution of configuration files and changes Message-ID: <20071121002043.GA98340@eos.sc1.parodius.com> In-Reply-To: <200711202315.lAKNFa4R012904@fire.js.berklix.net> References: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAACAAAAAAAAAAiuboouUF6EKrT2uPks5M1AAAAAD7AgAAAPYFABAAAAAdMdDZF9ebRbtpiHRx6LqFAQAAAAA=@kmjeuro.com> <474325A0.7060802@gmail.com> <200711202315.lAKNFa4R012904@fire.js.berklix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 21, 2007 at 12:15:36AM +0100, Julian H. Stacey wrote: > Add > PermitRootLogin yes > to > /etc/ssh/sshd_config This should really be "PermitRootLogin without-password". Yes, the phrase "without-password" looks scary, but it isn't so much -- it allows root login via passwordless SSH keys only, while simultaneously continues disallowing root logins via keyboard/password authentication. sshd_config(5) has details. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071121002043.GA98340>