From owner-freebsd-security Wed Jan 26 12: 9: 4 2000 Delivered-To: freebsd-security@freebsd.org Received: from security1.noc.flyingcroc.net (security1.noc.flyingcroc.net [207.246.128.54]) by hub.freebsd.org (Postfix) with ESMTP id 62F7414D23 for ; Wed, 26 Jan 2000 12:09:00 -0800 (PST) (envelope-from todd@flyingcroc.net) Received: from localhost (todd@localhost) by security1.noc.flyingcroc.net (8.9.3/8.9.3) with ESMTP id MAA60735; Wed, 26 Jan 2000 12:08:34 -0800 (PST) (envelope-from todd@flyingcroc.net) X-Authentication-Warning: security1.noc.flyingcroc.net: todd owned process doing -bs Date: Wed, 26 Jan 2000 12:08:34 -0800 (PST) From: Todd Backman X-Sender: todd@security1.noc.flyingcroc.net To: Bill Swingle Cc: security@freebsd.org Subject: Re: root authorized_keys ignore? In-Reply-To: <20000126113452.A61475@dub.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hey Bill! just the use of authorized_keys... just want to combat the "lazy-admin-syndrome" ;^) Thanks. - Todd btw...Any good looks from the tshirt??? ;^) On 26 Jan 2000, Bill Swingle wrote: > Do you wantto disallow root logins altogether or just the use of > authorized_keys? > > -Bill > > On Wed, Jan 26, 2000 at 11:18:53AM -0800, Todd Backman wrote: > > > > Greetings. > > > > I have checked the man pages for both ssh and sshd as well as cheking the > > archives and cannot answer this question: > > > > Is there any way to get sshd to ignore root's authorized_keys? (disallow > > the practice of putting the private key on another sever to allow for > > passwordless entry) > > > > I would still like to allow this on our servers for non-root accts but *DO > > NOT* want to allow it for root... > > > > Any hits with the clue bat? > > > > Thanks. > > > > - Todd > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > -- > -=| --- B i l l S w i n g l e --- http://www.dub.net/ > -=| unfurl@dub.net - unfurl@freebsd.org - bill@cdrom.com > -=| Different all twisty a of in maze are you, passages little > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message