From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 13 14:44:11 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6ACF916A4CE
	for <freebsd-questions@freebsd.org>;
	Tue, 13 Apr 2004 14:44:11 -0700 (PDT)
Received: from voyager.twobirds.us (c-24-18-214-102.client.comcast.net
	[24.18.214.102])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 16E6E43D39
	for <freebsd-questions@freebsd.org>;
	Tue, 13 Apr 2004 14:44:11 -0700 (PDT)
	(envelope-from joshua@twobirds.us)
Received: from [63.226.239.158] (helo=twobirds.us)
	by voyager.twobirds.us with smtp (Exim 4.31; FreeBSD)
	id 1BDVhL-0004Ox-FN
	for freebsd-questions@freebsd.org; Tue, 13 Apr 2004 14:44:03 -0700
Date: Tue, 13 Apr 2004 14:43:47 -0700
From: Joshua Lokken <joshua@twobirds.us>
To: thib <thib@heimsnet.is>
Message-ID: <20040413214346.GA3532@joloxbox>
Mail-Followup-To: thib <thib@heimsnet.is>,
	freebsd-questions@freebsd.org
References: <407AF979.7060002@daleco.biz>
	<Pine.BSI.4.33.0404131729400.3880-100000@hypselo.centroin.com.br>
	<20040413205453.0c2901bb.thib@heimsnet.is>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040413205453.0c2901bb.thib@heimsnet.is>
User-Agent: Mutt/1.4.1i
X-Organization: Little to none...
cc: freebsd-questions@freebsd.org
Subject: Re: ssh root denied
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Apr 2004 21:44:11 -0000

* thib <thib@heimsnet.is> [2004-04-13 14:16]:
> >On Tue, 13 Apr 2004 17:36:56 -0300 (EST)
> ><scuba@centroin.com.br> wrote:
> > Hi,
> > 
> > On Mon, 12 Apr 2004, Kevin D. Kinsey, DaleCo, S.P. wrote:
> > 
> > |Root logins are disallowed by default on FreeBSD
> > |for security reasons.  The recommended approach
> > |is to log on an account that is a member of the
> > |"wheel" group, and su(1) to root when necessary
> > 
> > 
> You could  chmod them (for a _trusted_ user) and scp them inside a tunnel.
> But I on the other hand would move them with something physical ( usbkey,
> floppy or something or other )
> Check out GBDE for that case.

Isn't this situation exactly why 'sudo' (/usr/ports/security/sudo) was
developed?  I use sudo regularly for admin tasks like this.  There are
very few times when I 'need' to be root.

-- 
Joshua

Women are more easily and more deeply terrified ... generating more
sheer horror than the male of the species.
		-- Spock, "Wolf in the Fold", stardate 3615.4