Date: Sun, 11 May 2008 23:58:30 +0200 (CEST) From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> To: Jon Radel <jon@radel.com> Cc: Chad Perrin <perrin@apotheon.com>, freebsd-questions@freebsd.org Subject: Re: root login stops working Message-ID: <20080511235653.D72685@wojtek.tensor.gdynia.pl> In-Reply-To: <48276671.8080806@radel.com> References: <812883.11120.qm@web54010.mail.re2.yahoo.com> <3120c9e30805101308q55d93966p69914d3bde9a3139@mail.gmail.com> <20080511195413.GB81732@demeter.hydra> <20080511215811.W72139@wojtek.tensor.gdynia.pl> <48276671.8080806@radel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>> meant to prevent things like brute-force attacks on root over the >>> network. It's a bad idea to change that behavior, in general. Back when >> >> just another stupid myth. > > As is, of course, all security in depth. Hey, if you want everything > riding on one password, more power to you, but you might want to refrain > from using phrases like "stupid myth" unless you've got some hard data > to back them up. did below. > >> simply use good passwords. > > Or a nice little key encrypted with a good pass phrase. i use ssh with id_dsa/authorized keys regularly, and rlogin&.rhosts within the range of private/vpn/other way secure network >> having to log through 2 accounts doesn't increase security. actually >> increases mess. > > The only mess I can think of is all that logging that forces a bit of > accountability onto all the admins who know the root password. Of > course, if you're the only admin, I suppose it doesn't really matter. 2 admins for one server is never good idea :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080511235653.D72685>