Date: Fri, 4 Feb 2005 00:36:12 +0100
From: Gert Cuykens <gert.cuykens@gmail.com>
To: Chris Hodgins <chodgins@cis.strath.ac.uk>
Cc: freebsd-questions@freebsd.org
Subject: Re: ssh default security risc
Message-ID: <ef60af09050203153670e8f27f@mail.gmail.com>
In-Reply-To: <4202B512.9080306@cis.strath.ac.uk>
References: <ef60af09050203143220daf9f9@mail.gmail.com> <4202B512.9080306@cis.strath.ac.uk>

On Thu, 03 Feb 2005 23:34:42 +0000, Chris Hodgins <chodgins@cis.strath.ac.uk> wrote:
> Gert Cuykens wrote:
> > By default the root ssh is disabled. If a dedicated server x somewhere
> > far far away doesn't have root ssh enabled the admin is pretty much
> > screwed if they hack his user account and change the user password
> > right?
> >
> > So is it not better to enable it by default?
>
> Every unix box has a root account. Not every unix box has a jblogs
> account. Let's take the example of a brute-force attempt. The first
> thing I would do would be to attack root's password. I know the account
> exists. Might as well go for the big prize first.
>
> So having a root account enabled is definitely a bad thing.
>
> Chris

Do you agree a user account is most of the time more vulnerable than the root account? If they can hack the root they can definitely hack a user account too. So I don't see any meaning of disabling it.