From owner-freebsd-questions@FreeBSD.ORG  Thu Oct 23 12:44:01 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3B4EB1065676
	for <freebsd-questions@freebsd.org>;
	Thu, 23 Oct 2008 12:44:01 +0000 (UTC)
	(envelope-from wojtek@wojtek.tensor.gdynia.pl)
Received: from wojtek.tensor.gdynia.pl (wojtek.tensor.gdynia.pl
	[IPv6:2001:4070:101:2::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 329718FC13
	for <freebsd-questions@freebsd.org>;
	Thu, 23 Oct 2008 12:43:59 +0000 (UTC)
	(envelope-from wojtek@wojtek.tensor.gdynia.pl)
Received: from wojtek.tensor.gdynia.pl (localhost [IPv6:::1])
	by wojtek.tensor.gdynia.pl (8.14.3/8.14.2) with ESMTP id m9NChm7G010120;
	Thu, 23 Oct 2008 14:43:48 +0200 (CEST)
	(envelope-from wojtek@wojtek.tensor.gdynia.pl)
Received: from localhost (wojtek@localhost)
	by wojtek.tensor.gdynia.pl (8.14.3/8.14.2/Submit) with ESMTP id
	m9NChlYn010117; Thu, 23 Oct 2008 14:43:47 +0200 (CEST)
	(envelope-from wojtek@wojtek.tensor.gdynia.pl)
Date: Thu, 23 Oct 2008 14:43:47 +0200 (CEST)
From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
To: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
In-Reply-To: <444p33pmbp.fsf@lowell-desk.lan>
Message-ID: <20081023144157.S10109@wojtek.tensor.gdynia.pl>
References: <27ade5280810221955l6bb7fe23u504b008e6799fc57@mail.gmail.com>
	<444p33pmbp.fsf@lowell-desk.lan>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-questions@freebsd.org, APseudoUtopia <apseudoutopia@gmail.com>
Subject: Re: Locked out of Root
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Oct 2008 12:44:01 -0000

>> group, and root login is disabled in SSH.
>>
>> Thanks for any help/advice.
>
> You'll need to reboot in single-user mode.
> E.g.,
> http://be-well.ilk.org/FreeBSD/doc/en_US.ISO8859-1/books/faq/admin.html#SU-WHEEL-GROUP
>
> --

and next time - do enable root login through ssh/rlogin/telnetd

there is no security gain by disabling it, as you have to know password 
too.

if course it's not bright to login as root over telnet through public 
network, but too - it's not security hole in system, just in 
administrator's brain if he/she do it this way.