From owner-freebsd-questions@FreeBSD.ORG Mon Feb 2 05:04:13 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A6E1E94E for ; Mon, 2 Feb 2015 05:04:13 +0000 (UTC) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 521CCA47 for ; Mon, 2 Feb 2015 05:04:12 +0000 (UTC) Received: from mail.cs.ait.ac.th (localhost [127.0.0.1]) by mail.cs.ait.ac.th (Postfix) with ESMTP id F0555160B05; Mon, 2 Feb 2015 11:56:54 +0700 (ICT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.ait.ac.th; h= content-type:content-type:mime-version:message-id:date:date :in-reply-to:subject:subject:from:from:received:received :received; s=selector1; t=1422853014; x=1424667415; bh=rq5zjNkbb hPaOEZPpbCeXtKkOfjmF9akxWHSGiAtDRw=; b=KF8ZfPyDweLOADcph/uZBre99 HsKkvzjw7UtcLl6iFTRa/MVt+4hzML8yMVoYNrSzCB2NZ35S2OXRN5acFCuwPygH D3vXvgYFzgNrI2YoUXtIydqBDUzz9VLthe8qc22vL+RUuUGBetvHvZDPRyduvUHp 7uR37/o6aSB8ZQVFMk= X-Virus-Scanned: amavisd-new at cs.ait.ac.th Received: from mail.cs.ait.ac.th ([127.0.0.1]) by mail.cs.ait.ac.th (mail.cs.ait.ac.th [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id GQ1cf9mC-8oq; Mon, 2 Feb 2015 11:56:54 +0700 (ICT) Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.cs.ait.ac.th (Postfix) with ESMTPS id 5D1F8160B01; Mon, 2 Feb 2015 11:56:54 +0700 (ICT) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.14.7/8.14.7/Submit) id t124utTF005880; Mon, 2 Feb 2015 11:56:55 +0700 (ICT) (envelope-from on@banyan.cs.ait.ac.th) From: Olivier Nicole To: Shane Ambler Subject: Re: Can't login as a root via SSH! In-Reply-To: <54CEFEF7.3020407@ShaneWare.Biz> (message from Shane Ambler on Mon, 02 Feb 2015 15:07:11 +1030) Date: Mon, 02 Feb 2015 11:56:55 +0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 05:04:13 -0000 Shane Ambler writes: > On 02/02/2015 14:13, jd1008 wrote: >> >> On 02/01/2015 08:21 PM, williamyun7 wrote: >>> which file should i look up? >>> >>> this is /etc/defaults/rc.conf >>> >>> i can't find any with root login via ssh from here. >> >> in /etc/ssh/sshd-config >> >> what do you see for root??? >> > > Just curious with root ssh access, what I have been using is to create > /root/.ssh/config and enter > > HOST > IdentityFile /home//.ssh/id_rsa > > then as root using `ssh @` That is something else and this way is not really a problem. The thread, I understand, is talking about 'ssh root@some.host' That is connecting from some user to root user. BR, Olivier > Well technically it's cron doing rsync to trigger the ssh connection, > but this causes root to initiate ssh using my user account keys. > > Is this method considered OK or is it a security issue? --