Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 20 Nov 2007 16:20:43 -0800
From:      Jeremy Chadwick <koitsu@FreeBSD.org>
To:        "Julian H. Stacey" <jhs@berklix.org>
Cc:        freebsd-stable@freebsd.org, "Aryeh M. Friedman" <aryeh.friedman@gmail.com>
Subject:   Re: Software for distribution of configuration files and changes
Message-ID:  <20071121002043.GA98340@eos.sc1.parodius.com>
In-Reply-To: <200711202315.lAKNFa4R012904@fire.js.berklix.net>
References:  <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAACAAAAAAAAAAiuboouUF6EKrT2uPks5M1AAAAAD7AgAAAPYFABAAAAAdMdDZF9ebRbtpiHRx6LqFAQAAAAA=@kmjeuro.com> <474325A0.7060802@gmail.com> <200711202315.lAKNFa4R012904@fire.js.berklix.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 21, 2007 at 12:15:36AM +0100, Julian H. Stacey wrote:
> Add
> 	PermitRootLogin yes
> to
> 	/etc/ssh/sshd_config

This should really be "PermitRootLogin without-password".  Yes, the
phrase "without-password" looks scary, but it isn't so much -- it allows
root login via passwordless SSH keys only, while simultaneously
continues disallowing root logins via keyboard/password authentication.
sshd_config(5) has details.

-- 
| Jeremy Chadwick                                    jdc at parodius.com |
| Parodius Networking                           http://www.parodius.com/ |
| UNIX Systems Administrator                      Mountain View, CA, USA |
| Making life hard for others since 1977.                  PGP: 4BD6C0CB |




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071121002043.GA98340>