Date: Sun, 7 Oct 2001 14:22:16 -0700 From: David Schwartz <davids@webmaster.com> To: <freebsd-stable@FreeBSD.ORG> Subject: Re: Why sshd:PermitRootLogin = no ? Message-ID: <20011007212217.AAA6070@shell.webmaster.com@whenever> In-Reply-To: <200110061024.MAA23902@lurza.secnetix.de>
index | next in thread | previous in thread | raw e-mail
On Sat, 6 Oct 2001 12:24:20 +0200 (CEST), Oliver Fromme wrote: >There are installations where people don't want root logins to be enabled, >whether with password or not. This includes many of the machines I am >responsible for -- If the default was changed, I'd have to edit sshd_config >and replace "without-password" with "no" everywhere. Why? Having it set to "without-password" doesn't allow root logins and neither does "no", so what difference does it make either way? Both settings have the precise same effect unless other changes are made. Anyone who could or would install a key for root could or would change the default root login option. One can make an argument that someone would be quite likely to change the default from "no" to "yes" (because they might not even know about the "without-password" option). So having the option set to "without-password" could actually be more secure in fairly realistic circumstances. DS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011007212217.AAA6070>