Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 30 May 2008 13:52:21 +0200
From:      Zbigniew Szalbot <z.szalbot@lc-words.com>
To:        Mike Clarke <jmc-freebsd@milibyte.co.uk>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: disallow remote root / allow remote root by key
Message-ID:  <483FEA75.7040902@lc-words.com>
In-Reply-To: <200805301055.31048.jmc-freebsd@milibyte.co.uk>
References:  <483FC2E5.5040706@lc-words.com> <200805301055.31048.jmc-freebsd@milibyte.co.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
Hello,

Mike Clarke:

> On Friday 30 May 2008, Zbigniew Szalbot wrote:
> 
>> Server - Remote root login is disallowed but I need to fetch
>> snaphosts produced by rsnapshot and for this I need remote root
>> access. Backup machine on a dynamic IP - connects to server using
>> key-based authentication. Can this machine (and only this machine)
>> log in remotely as root?
> 
> Yes, on the remote server set PermitRootLogin to "without-password" 
> instead of "no" in /etc/ssh/sshd_config and append your your public key 
> from the remote machine into /root/.ssh/authorized_keys.

Thank you for this advice! Each time I am surprised how flexible this 
system is and how helpful its users are!

Regards,

-- 
Zbigniew Szalbot
www.lc-words.com



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?483FEA75.7040902>