From owner-freebsd-questions  Fri Nov  2  0:56: 2 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from maile.telia.com (maile.telia.com [194.22.190.16])
	by hub.freebsd.org (Postfix) with ESMTP id A0C1337B403
	for <questions@freebsd.org>; Fri,  2 Nov 2001 00:55:57 -0800 (PST)
Received: from d1o913.telia.com (d1o913.telia.com [195.252.44.241])
	by maile.telia.com (8.11.6/8.11.6) with ESMTP id fA28tu827246
	for <questions@freebsd.org>; Fri, 2 Nov 2001 09:55:56 +0100 (CET)
Received: from ertr1013.student.uu.se (h185n2fls20o913.telia.com [212.181.163.185])
	by d1o913.telia.com (8.8.8/8.8.8) with SMTP id JAA18887
	for <questions@freebsd.org>; Fri, 2 Nov 2001 09:55:55 +0100 (CET)
Received: (qmail 38188 invoked by uid 1001); 2 Nov 2001 08:55:54 -0000
Date: Fri, 2 Nov 2001 09:55:54 +0100
From: Erik Trulsson <ertr1013@student.uu.se>
To: Anthony Atkielski <anthony@atkielski.com>
Cc: Mike Meyer <mwm@mired.org>, questions@freebsd.org
Subject: Re: Lockdown of FreeBSD machine directly on Net
Message-ID: <20011102095554.A38169@student.uu.se>
Mail-Followup-To: Anthony Atkielski <anthony@atkielski.com>,
	Mike Meyer <mwm@mired.org>, questions@freebsd.org
References: <15330.23714.263323.466739@guru.mired.org> <00b501c1637b$1cd2f880$0a00000a@atkielski.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <00b501c1637b$1cd2f880$0a00000a@atkielski.com>
User-Agent: Mutt/1.3.22.1i
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Fri, Nov 02, 2001 at 09:48:13AM +0100, Anthony Atkielski wrote:
> Mike writes:

> > Everyone is going to tell you to kill telnetd
> > - and they are probably right, as sshd lets
> > you do all that.
> 
> Except that sshd isn't letting me log in as root.  When I try that, it says:
> "Sorry, you are not allowed to connect."  But I changed the remotes to secure in
> ttys, and I put the PermitRootLogin to "yes" in sshd_config.  What else do I
> have to do?  SSH works for other accounts.

You should not log in directly as root.  What you should do is login as
a normal user and then use 'su' to become root.
This requires that the user you login as is in the 'wheel' group.


-- 
<Insert your favourite quote here.>
Erik Trulsson
ertr1013@student.uu.se

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message