From owner-freebsd-questions@FreeBSD.ORG  Thu Feb  3 22:40:04 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9006616A4CE
	for <freebsd-questions@freebsd.org>;
	Thu,  3 Feb 2005 22:40:04 +0000 (GMT)
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.202])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9B05043D39
	for <freebsd-questions@freebsd.org>;
	Thu,  3 Feb 2005 22:40:03 +0000 (GMT)
	(envelope-from linicks@gmail.com)
Received: by rproxy.gmail.com with SMTP id 40so255212rnz
	for <freebsd-questions@freebsd.org>;
	Thu, 03 Feb 2005 14:40:02 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references;
	b=AYXCipiM8wTHOt/f58pm/GgT0+wcf3wT84ETvXSa3ZfmIABRVLivYbOXuXqRbJbNr9XgXfB9o8w7LSmjSXOqAha6whpcjaVCqQ8HqYPgl1aVllXPRImKQl3i+cLUARs7gRPKw/xbu0CjaNhsq6hAmx5lwAAsva0r7u/TVLdlbBo=
Received: by 10.38.19.34 with SMTP id 34mr29184rns;
        Thu, 03 Feb 2005 14:40:02 -0800 (PST)
Received: by 10.38.8.20 with HTTP; Thu, 3 Feb 2005 14:40:02 -0800 (PST)
Message-ID: <dc9ba044050203144013388b8b@mail.gmail.com>
Date: Thu, 3 Feb 2005 15:40:02 -0700
From: Nick Pavlica <linicks@gmail.com>
To: Gert Cuykens <gert.cuykens@gmail.com>
In-Reply-To: <ef60af09050203143220daf9f9@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
References: <ef60af09050203143220daf9f9@mail.gmail.com>
cc: freebsd-questions@freebsd.org
Subject: Re: ssh default security risc
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Nick Pavlica <linicks@gmail.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Feb 2005 22:40:04 -0000

In this scenario the box has already been compromised and needs
serious attention now.  Even if you have to go to the land of Far Far
away :)


On Thu, 3 Feb 2005 23:32:18 +0100, Gert Cuykens <gert.cuykens@gmail.com> wrote:
> By default the root ssh is disabled. If a dedicated server x somewhere
> far far away doesn't have root ssh enabled the admin is pretty much
> screwed if they hack his user  account and change the user password
> right ?
> 
> So is it not better to enable it by default ?
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>