From owner-freebsd-questions@FreeBSD.ORG  Sat Sep 27 17:05:47 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1A21816A4B3
	for <questions@FreeBSD.org>; Sat, 27 Sep 2003 17:05:47 -0700 (PDT)
Received: from smtp01.wxs.nl (smtp01.wxs.nl [195.121.6.61])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 482F543FF2
	for <questions@FreeBSD.org>; Sat, 27 Sep 2003 17:05:46 -0700 (PDT)
	(envelope-from akruijff@www.kruijff.org)
Received: from kruij557.speed.planet.nl
	(ipd50a97ba.speed.planet.nl [213.10.151.186])18questions@FreeBSD.org;
	Sun, 28 Sep 2003 01:58:26 +0200 (MEST)
Received: from Intranet.lan (akruijff@localhost [127.0.0.1])
	h8RNwQQL008339;akruijff@Intranet.lan)
Received: (from akruijff@localhost)	by Intranet.lan (8.12.8p1/8.12.8/Submit)
	id h8RNwPV2008338; Sun, 28 Sep 2003 01:58:25 +0200 (CEST)
Date: Sun, 28 Sep 2003 01:58:25 +0200
From: Alex de Kruijff <freebsd@akruijff.dds.nl>
In-reply-to: <000a01c38501$07650bb0$1701020a@paat>
To: Kristjan <krisxx@hot.ee>
Message-id: <20030927235825.GE94873@dds.nl>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7BIT
Content-disposition: inline
User-Agent: Mutt/1.4.1i
References: <000a01c38501$07650bb0$1701020a@paat>
cc: questions@FreeBSD.org
Subject: Re: problem with shh
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Sep 2003 00:05:47 -0000

On Sat, Sep 27, 2003 at 05:09:55PM +0300, Kristjan wrote:
> HI!
> 
> I forgot to put in ssh conf that you can login as root.
> And i didnt make any users. 
> What could i do ?
> 
> The server is far far away from me. Please help. There sure has to be some kind of a bug or exploit :/
> FBSD 4.8

The OpenBSD team is fairly accurate about this. So there's not much
change of this. There was a Security Advosory for SSH but there isn't
much change you could use this.

You best changes in fixing this would be:
1. Go back
2. Ask someone else to fix it for you. If you didn't change the console
from secure to insecure he could gain acces by booting directly in to
single use mode. He could then add a user in and put this in to the
wheel group. This would be a fix. If you did change the console mode
you would have to compromise the password.

-- 
Alex

Articles based on solutions that I use:
http://www.kruijff.org/alex/index.php?dir=docs/FreeBSD/