From owner-freebsd-questions@FreeBSD.ORG  Sun Dec 25 15:03:09 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3C571106566B
	for <freebsd-questions@freebsd.org>;
	Sun, 25 Dec 2011 15:03:09 +0000 (UTC)
	(envelope-from merlyn@stonehenge.com)
Received: from mail.mroute.net (lax-gw09.mailroute.net [199.89.0.109])
	by mx1.freebsd.org (Postfix) with ESMTP id 1D35B8FC14
	for <freebsd-questions@freebsd.org>;
	Sun, 25 Dec 2011 15:03:09 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by lax-gw09.mroute.net (Postfix) with ESMTP id EE72D170170;
	Sun, 25 Dec 2011 14:44:11 +0000 (GMT)
X-Virus-Scanned: by MailRoute
Received: from red.stonehenge.com (red.stonehenge.com [208.79.95.2])
	by lax-gw09.mroute.net (Postfix) with ESMTP id 03885170161;
	Sun, 25 Dec 2011 14:44:10 +0000 (GMT)
Received: by red.stonehenge.com (Postfix, from userid 1001)
	id BBE503CF9; Sun, 25 Dec 2011 06:44:10 -0800 (PST)
From: merlyn@stonehenge.com (Randal L. Schwartz)
To: Jeff Tipton <jeff.t@mail.com>
References: <4EF653B7.2070500@mykitchentable.net>
	<CA+tpaK3C7i3QzPdYGj8gvjgMOdG+XOEmqH=_yhWZgearTP72iQ@mail.gmail.com>
	<4EF6B7C9.7030003@mykitchentable.net> <4EF6EC89.9050405@mail.com>
x-mayan-date: Long count = 12.19.18.17.18; tzolkin = 6 Etznab; haab = 6 Kankin
Date: Sun, 25 Dec 2011 06:44:10 -0800
In-Reply-To: <4EF6EC89.9050405@mail.com> (Jeff Tipton's message of "Sun, 25
	Dec 2011 11:27:37 +0200")
Message-ID: <86wr9k1zk5.fsf@red.stonehenge.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: freebsd-questions@freebsd.org
Subject: Re: FreeBSD 8 LiveFS - How To Start SSHD?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Dec 2011 15:03:09 -0000

>>>>> "Jeff" == Jeff Tipton <jeff.t@mail.com> writes:

Jeff> It is the default behavior of sshd to reject root, and the reason
Jeff> is security. I, personally (and I think most of the guys there
Jeff> out), just leave it that way. Just access your server with "ssh
Jeff> <your-login-name>@<your-server-ip-or-dns-address>, and then issue
Jeff> "su" command to become root. It will ask you the root password
Jeff> which you should know if you installed the system. When you have
Jeff> done all the system maintenance that you wanted, press
Jeff> <ctrl>-d. It will move you back to your personal shell and
Jeff> environment, out of root privileges. Press the <ctrl>-d the second
Jeff> time, and you are disconnected from your server.

Or better yet, install sudo, which doesn't require you to share the root
password with a group of people, reducing auditability.

I haven't used "su" in years, except to install sudo. :)

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.posterous.com/ for Smalltalk discussion