Date: Tue, 3 Jan 2017 14:24:12 +0100 From: Maciej Suszko <maciej@suszko.eu> To: Ben Woods <woodsb02@gmail.com> Cc: Polytropon <freebsd@edvax.de>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, Ernie Luzar <luzar722@gmail.com> Subject: Re: how to allow user toor login through ssh Message-ID: <20170103141838.4ada403b@helium> In-Reply-To: <CAOc73CCc_Yj_qAw2riDft=KdeNoKmHgOQOkeTLdse2pom_35FQ@mail.gmail.com> References: <5869ADFB.6080000@gmail.com> <20170102024359.aa82ae3e.freebsd@edvax.de> <5869F77D.5050106@gmail.com> <20170102172615.516dc912.freebsd@edvax.de> <CAOc73CCc_Yj_qAw2riDft=KdeNoKmHgOQOkeTLdse2pom_35FQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/S2x5=eq2X+pFTC+hAstT+r0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
On Tue, 3 Jan 2017 19:15:54 +0800
Ben Woods <woodsb02@gmail.com> wrote:
> The openssh daemon prevents login as root or toor (any user with UID
> 0) in the default configuration that ships with FreeBSD.
>=20
> This can be adjusted by setting the following in /etc/ssh/sshd_config:
> PermitRootLogin yes
>=20
> Note however, that it is not generally advisable to allow root or toor
> login via ssh, as this is a frequently attempted username for script
> kiddies and bots running random brute force attacks. Tread wisely.
>=20
> Regards,
> Ben
However it's quite simple to restrict root login using Match block, for
example ;-) ... just leave 'no' globally.
Match Address 10.0.0.0/27
PermitRootLogin yes
--=20
regards, Maciej Suszko.
--Sig_/S2x5=eq2X+pFTC+hAstT+r0
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQRBv6xO7mzN+RcEaiUKKRSTSXuIagUCWGul/AAKCRAKKRSTSXuI
auqaAJ4xkKQ8d3VRDr64fu7N0Tj0xgrRhACfW8FCK677APmoXZwLAvGafrZEgzo=
=NU1K
-----END PGP SIGNATURE-----
--Sig_/S2x5=eq2X+pFTC+hAstT+r0--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170103141838.4ada403b>