From owner-freebsd-ports Sat Sep 19 11:50:46 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA05758 for freebsd-ports-outgoing; Sat, 19 Sep 1998 11:50:46 -0700 (PDT) (envelope-from owner-freebsd-ports@FreeBSD.ORG) Received: from dt053nb4.san.rr.com (dt053nb4.san.rr.com [204.210.34.180]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA05753 for ; Sat, 19 Sep 1998 11:50:45 -0700 (PDT) (envelope-from Studded@dal.net) Received: from dal.net (Studded@localhost [127.0.0.1]) by dt053nb4.san.rr.com (8.8.8/8.8.8) with ESMTP id LAA15067; Sat, 19 Sep 1998 11:50:16 -0700 (PDT) (envelope-from Studded@dal.net) Message-ID: <3603FCE8.741DA83E@dal.net> Date: Sat, 19 Sep 1998 11:50:16 -0700 From: Studded Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.06 [en] (X11; I; FreeBSD 2.2.7-STABLE-0918 i386) MIME-Version: 1.0 To: "Sameer R. Manek" CC: ports@FreeBSD.ORG Subject: Re: ssh default sshd_config file References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sameer R. Manek wrote: > > Ports team > I was wondering why you guys left the sshd_config file to > have the following entry > > PermitRootLogin yes There is a balance between allowing the "flavor" of individual ports to come through as their designers intended, and frobbing things to fit the "FreeBSD Way" (TM). Personally I always change things in sshd_config, namely: LoginGraceTime 60 PermitRootLogin no IgnoreRhosts yes PermitEmptyPasswords no But I'm known as a fascist. :) In fact, I sometimes enable the fascist logging option, but it gets to be a little much on a busy system. You might want to contact the maintainer of the port about this. Personally I would support a move to make sshd more like the way FreeBSD does things because of the importance of it. Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message