Date: 27 Jul 2005 14:20:52 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: cartman_step1@spymac.com Cc: freebsd-questions@freebsd.org Subject: Re: sshd and pam Message-ID: <44y87srtyz.fsf@be-well.ilk.org> In-Reply-To: <20050727165310.DF8125C0040@webmail3.spymac.net> References: <20050727165310.DF8125C0040@webmail3.spymac.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[Message reformatted.] <cartman_step1@spymac.com> writes: > yes i'm logging in as root , now i have understand , cause i can log > in as a normal user . But then it's possible to log in as root , so > i can administrate remotely the machine on the lan? su(8). [personally, I'm fond of sudo, which is in the ports] Letting root log in directly leaves you with no audit trail, and a single point of failure in your security scheme. You can configure sshd to let root log in, but I don't generally advise it for a network on the Internet.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44y87srtyz.fsf>