From owner-freebsd-ports Sat Sep 19 00:42:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA07181 for freebsd-ports-outgoing; Sat, 19 Sep 1998 00:42:23 -0700 (PDT) (envelope-from owner-freebsd-ports@FreeBSD.ORG) Received: from polio.ecst.csuchico.edu (polio.ecst.csuchico.edu [132.241.4.13]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id AAA07173 for ; Sat, 19 Sep 1998 00:42:14 -0700 (PDT) (envelope-from manek@ecst.csuchico.edu) Received: (qmail 3292 invoked by uid 21024); 19 Sep 1998 00:41:49 -0700 Date: Sat, 19 Sep 1998 00:41:49 -0700 (PDT) From: "Sameer R. Manek" To: ports@FreeBSD.ORG Subject: ssh default sshd_config file Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ports team I was wondering why you guys left the sshd_config file to have the following entry PermitRootLogin yes Since this allows for remote root login, imho by default it should be no, this allows for systems with novice admins with insecure passwords to be vunerable. Network root login from other services isn't allowd so I think it shouldn't be allowed under ssh as well. Sameer -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Sameer Manek manek@ecst.csuchico.edu I never saw a wild thing feel sorry for itself, a small bird will drop dead, frozen from a bough without ever having felt sorry for itself. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message