From owner-freebsd-questions@FreeBSD.ORG Tue Apr 13 13:54:15 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DABC616A4CE for ; Tue, 13 Apr 2004 13:54:15 -0700 (PDT) Received: from cg.c.is (mail.hallo.is [193.4.194.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0E35B43D45 for ; Tue, 13 Apr 2004 13:54:15 -0700 (PDT) (envelope-from thib@heimsnet.is) Received: from caulfield (bofh.bitcode.org [213.220.74.36]) by cg.c.is (8.12.9/8.12.9) with SMTP id i3DKsDm89658480 for ; Tue, 13 Apr 2004 20:54:13 GMT Date: Tue, 13 Apr 2004 20:54:53 +0000 From: thib To: freebsd-questions@freebsd.org Message-Id: <20040413205453.0c2901bb.thib@heimsnet.is> In-Reply-To: References: <407AF979.7060002@daleco.biz> Organization: N/a X-Mailer: Sylpheed version 0.9.10 (GTK+ 1.2.10; i386-portbld-freebsd5.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: ssh root denied X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Apr 2004 20:54:16 -0000 You could chmod them (for a _trusted_ user) and scp them inside a tunnel. But I on the other hand would move them with something physical ( usbkey,floppy or something or other ) Check out GBDE for that case. >On Tue, 13 Apr 2004 17:36:56 -0300 (EST) > wrote: > Hi, > > On Mon, 12 Apr 2004, Kevin D. Kinsey, DaleCo, S.P. wrote: > > |Root logins are disallowed by default on FreeBSD > |for security reasons. The recommended approach > |is to log on an account that is a member of the > |"wheel" group, and su(1) to root when necessary > |for administrative purposes while doing your routine > |work under a less-privileged UID... > > But, what should be te correct approach when you want to copy > root's files and/or remote execute programs as root with scripts using > scp/ssh and key authentication? > Like: > > scp master.passwd host2:/etc/ > or > ssh host2 'pwd_mkdb -p /etc/master.passwd' > > > - Marcelo > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"