Date: Fri, 2 Nov 2001 19:34:50 +0100 From: "Anthony Atkielski" <anthony@atkielski.com> To: "FreeBSD Questions" <freebsd-questions@freebsd.org> Subject: Re: Lockdown of FreeBSD machine directly on Net Message-ID: <01ab01c163cd$12f50ea0$0a00000a@atkielski.com> References: <000301c163ab$927fefe0$6401a8c0@daveabit>
next in thread | previous in thread | raw e-mail | index | archive | help
Hmm ... I'll try it. Is ssh going to create a conflict if I use su to go from place to place? (Since the original ssh login is associated with the key of a specific user.) ----- Original Message ----- From: "David Powers" <wizlord@swbell.net> To: "'Anthony Atkielski'" <anthony@atkielski.com>; "'Mike Meyer'" <mwm@mired.org> Cc: <questions@freebsd.org> Sent: Friday, November 02, 2001 15:35 Subject: RE: Lockdown of FreeBSD machine directly on Net > So you login as you and then use the su command to elevate to root. You > should never log directly in as root. > > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony > Atkielski > Sent: Friday, November 02, 2001 2:48 AM > To: Mike Meyer > Cc: questions@freebsd.org > Subject: Re: Lockdown of FreeBSD machine directly on Net > > > Mike writes: > > > Subscribe to the appropriate security lists - > > freebsd-security at a bare minimum ... > > Done. > > > Everyone is going to tell you to kill telnetd > > - and they are probably right, as sshd lets > > you do all that. > > Except that sshd isn't letting me log in as root. When I try that, it says: > "Sorry, you are not allowed to connect." But I changed the remotes to > secure in > ttys, and I put the PermitRootLogin to "yes" in sshd_config. What else do I > have to do? SSH works for other accounts. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01ab01c163cd$12f50ea0$0a00000a>