Date: Tue, 3 Jan 2017 14:24:12 +0100 From: Maciej Suszko <maciej@suszko.eu> To: Ben Woods <woodsb02@gmail.com> Cc: Polytropon <freebsd@edvax.de>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, Ernie Luzar <luzar722@gmail.com> Subject: Re: how to allow user toor login through ssh Message-ID: <20170103141838.4ada403b@helium> In-Reply-To: <CAOc73CCc_Yj_qAw2riDft=KdeNoKmHgOQOkeTLdse2pom_35FQ@mail.gmail.com> References: <5869ADFB.6080000@gmail.com> <20170102024359.aa82ae3e.freebsd@edvax.de> <5869F77D.5050106@gmail.com> <20170102172615.516dc912.freebsd@edvax.de> <CAOc73CCc_Yj_qAw2riDft=KdeNoKmHgOQOkeTLdse2pom_35FQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/S2x5=eq2X+pFTC+hAstT+r0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Tue, 3 Jan 2017 19:15:54 +0800 Ben Woods <woodsb02@gmail.com> wrote: > The openssh daemon prevents login as root or toor (any user with UID > 0) in the default configuration that ships with FreeBSD. >=20 > This can be adjusted by setting the following in /etc/ssh/sshd_config: > PermitRootLogin yes >=20 > Note however, that it is not generally advisable to allow root or toor > login via ssh, as this is a frequently attempted username for script > kiddies and bots running random brute force attacks. Tread wisely. >=20 > Regards, > Ben However it's quite simple to restrict root login using Match block, for example ;-) ... just leave 'no' globally. Match Address 10.0.0.0/27 PermitRootLogin yes --=20 regards, Maciej Suszko. --Sig_/S2x5=eq2X+pFTC+hAstT+r0 Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQRBv6xO7mzN+RcEaiUKKRSTSXuIagUCWGul/AAKCRAKKRSTSXuI auqaAJ4xkKQ8d3VRDr64fu7N0Tj0xgrRhACfW8FCK677APmoXZwLAvGafrZEgzo= =NU1K -----END PGP SIGNATURE----- --Sig_/S2x5=eq2X+pFTC+hAstT+r0--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170103141838.4ada403b>