From owner-freebsd-questions Fri Nov 2 11:53:36 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.all.org (bdsl.66.12.117.154.gte.net [66.12.117.154]) by hub.freebsd.org (Postfix) with ESMTP id 50A7B37B40B for ; Fri, 2 Nov 2001 11:53:31 -0800 (PST) Message-ID: <3BE2F9A7.8080303@nicholasofmyra.org> Date: Fri, 02 Nov 2001 14:53:11 -0500 From: Joseph MIME-Version: 1.0 To: Anthony Atkielski Cc: FreeBSD Questions Subject: Re: Lockdown of FreeBSD machine directly on Net References: <000301c163ab$927fefe0$6401a8c0@daveabit> <01ab01c163cd$12f50ea0$0a00000a@atkielski.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG No. When you su, you are not really logging in again. It is more like a you with the priviledges of root (or any other user). If you notice, when you su, you can't type logout to get out of the shell, you have to type exit. From your shell after you have logged in, you can use exit or logout. Anthony Atkielski wrote: >Hmm ... I'll try it. Is ssh going to create a conflict if I use su to go from >place to place? (Since the original ssh login is associated with the key of a >specific user.) > >----- Original Message ----- >From: "David Powers" >To: "'Anthony Atkielski'" ; "'Mike Meyer'" > >Cc: >Sent: Friday, November 02, 2001 15:35 >Subject: RE: Lockdown of FreeBSD machine directly on Net > > >>So you login as you and then use the su command to elevate to root. You >>should never log directly in as root. >> >>-----Original Message----- >>From: owner-freebsd-questions@FreeBSD.ORG >>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony >>Atkielski >>Sent: Friday, November 02, 2001 2:48 AM >>To: Mike Meyer >>Cc: questions@freebsd.org >>Subject: Re: Lockdown of FreeBSD machine directly on Net >> >> >>Mike writes: >> >>>Subscribe to the appropriate security lists - >>>freebsd-security at a bare minimum ... >>> >>Done. >> >>>Everyone is going to tell you to kill telnetd >>>- and they are probably right, as sshd lets >>>you do all that. >>> >>Except that sshd isn't letting me log in as root. When I try that, it says: >>"Sorry, you are not allowed to connect." But I changed the remotes to >>secure in >>ttys, and I put the PermitRootLogin to "yes" in sshd_config. What else do I >>have to do? SSH works for other accounts. >> >> >>To Unsubscribe: send mail to majordomo@FreeBSD.org >>with "unsubscribe freebsd-questions" in the body of the message >> >> > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message