Date: Fri, 5 Oct 2001 18:10:39 +0100 From: Martin Hopkins <martin.hopkins@insignia.com> To: stable@FreeBSD.ORG Subject: Re: Why sshd:PermitRootLogin = no ? Message-ID: <15293.59791.862757.28712@luggage.isltd.insignia.com> In-Reply-To: <20011005120139.D10847@pir.net> References: <19436.1002297239@axl.seasidesoftware.co.za> <20011005120139.D10847@pir.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Peter" == Peter Radcliffe <pir@pir.net> writes:
Peter> Sheldon Hearn <sheldonh@starjuice.net> probably said:
>> Why is sshd's PermitRootLogin set to 'no' in the default installation of
>> FreeBSD?
Peter> Because it's sensible.
>> The security gain for a brand new installation is questionable. The
>> downside is that, when you have remote hands pressing the buttons for
>> you during the installation, an extra user has to be created by those
>> hands.
Peter> 1) Most people are not installing like that.
Peter> 2) I disagree with "questionable" security gain for a new installation.
Peter> 3) If it isn't the default most people will never change it, and the
Peter> long term security gain is certainly not questionable.
Peter> 4) It's consistant with the default behaviour for telnetd.
Hmm, that reminds me, out of the box it would seem that telnetd WILL
allow root logins using SRA - how do I disable this (without
rebuilding telnetd).
Apologies with this has changed since 4.3-STABLE circa early
July.
Martin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15293.59791.862757.28712>