Date: Fri, 05 Oct 2001 13:42:01 -0400 From: Brandon Fosdick <bfoz@glue.umd.edu> To: stable@FreeBSD.ORG Subject: Re: Why sshd:PermitRootLogin = no ? Message-ID: <3BBDF0E9.20BA0F56@glue.umd.edu> References: <19436.1002297239@axl.seasidesoftware.co.za> <20011005120139.D10847@pir.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Radcliffe wrote: > > Sheldon Hearn <sheldonh@starjuice.net> probably said: > > Why is sshd's PermitRootLogin set to 'no' in the default installation of > > FreeBSD? > > Because it's sensible. Given the semi-recent articles on determining passwords from sniffed ssh packets which is least secure? Allowing remote root logins over ssh or su'ing to root? It's my understanding that the aforementioned sniffing method doesn't work on the initial ssh login, only on passwords typed after that (i.e. while su'ing). It seems to me that neither method is all that secure, so maybe the default should be based on convenience? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BBDF0E9.20BA0F56>