Date: Sun, 7 Oct 2001 14:22:16 -0700 From: David Schwartz <davids@webmaster.com> To: <freebsd-stable@FreeBSD.ORG> Subject: Re: Why sshd:PermitRootLogin = no ? Message-ID: <20011007212217.AAA6070@shell.webmaster.com@whenever> In-Reply-To: <200110061024.MAA23902@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 6 Oct 2001 12:24:20 +0200 (CEST), Oliver Fromme wrote: >There are installations where people don't want root logins to= be enabled, >whether with password or not. This includes many of the= machines I am >responsible for -- If the default was changed, I'd have to edit= sshd_config >and replace "without-password" with "no" everywhere. =09Why? Having it set to "without-password" doesn't allow root= logins and neither does "no", so what difference does it make either way?= Both settings have the precise same effect unless other changes are made. =09Anyone who could or would install a key for root could or would= change the default root login option. One can make an argument that someone= would be quite likely to change the default from "no" to "yes" (because= they might not even know about the "without-password" option). So having the= option set to "without-password" could actually be more secure in fairly= realistic circumstances. =09DS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011007212217.AAA6070>