From owner-freebsd-isp Fri Feb 20 11:22:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA16464 for freebsd-isp-outgoing; Fri, 20 Feb 1998 11:22:14 -0800 (PST) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from uranus.planet-three.com (homer.duff-beer.com [194.207.51.241]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA16456; Fri, 20 Feb 1998 11:22:11 -0800 (PST) (envelope-from scot@poptart.org) Received: from localhost (scot@localhost) by uranus.planet-three.com (8.8.8/8.8.5) with SMTP id TAA17181; Fri, 20 Feb 1998 19:20:28 GMT Date: Fri, 20 Feb 1998 19:20:28 +0000 (GMT) From: Scot Elliott To: "mlucas@verio.net" cc: Doug White , questions@FreeBSD.ORG, isp@FreeBSD.ORG Subject: Re: Books on security In-Reply-To: <199802201109.LAA12759@sunoco.rust.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Put the following in your sshd_config file: PermitRootLogin no Scot On Fri, 20 Feb 1998, mlucas@verio.net wrote: > >> S/key is vulnerable to session hijacking, so ssh may be a better > >> choice. If you use rdist, ssh has the additional advantage that it > >> allows root to do run it while plain rsh won't. > > > >If you enable that option :) All my installs of SSH don't allow root > >logins. > > The vanilla install of ssh in the ports directory does allow root logins > (at least, on my systems). > > How can this be turned off? > > Thanks, > ml > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > ----------------------------------------------------------------------------- Scot Elliott (scot@poptart.org) | Work: +44 (0)1344 899401 PGP fingerprint: FCAE9ED3A234FEB59F8C7F9DDD112D | Home: +44 (0)181 8961019 ----------------------------------------------------------------------------- Public key available by finger at: finger scot@poptart.org or at: http://www.poptart.org/pgpkey.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message