Date: Thu, 8 Nov 2001 02:15:37 +0200 From: Giorgos Keramidas <charon@labs.gr> To: Anthony Atkielski <anthony@atkielski.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Re[2]: Tiny starter configuration for FreeBSD Message-ID: <20011108021537.E79276@hades.hell.gr> In-Reply-To: <007e01c1636e$97016d10$0a00000a@atkielski.com> References: <15330.6606.417524.41024@guru.mired.org><002b01c1635f$5a5f4300$0a00000a@atkielski.com> <15330.14419.809266.281360@guru.mired.org> <007e01c1636e$97016d10$0a00000a@atkielski.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 02, 2001 at 08:18:34AM +0100, Anthony Atkielski wrote: > Mike writes: > > I typically don't allow root to login at all, > > but I'm a bit paranoid. > > So am I, which is why this makes me uneasy. The machine is off the Net for the > moment, but I want it secured before I put it thereon. I'd still like to be > able to log in as root from my other machine on the LAN, however (and that's it, > except for the system console, of course). Don't allow root to login over the wire. At least not if some form of encryption is not involved. I let people login as normal users on my workstation from places like New Zealand, Australia or Canada, to browse the configuration files looking for hints to set up their FreeBSD boxes, but only one user is in the `wheel' group (and is allowed to use su(1) to become root) and that is my own personal user account. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011108021537.E79276>