Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 05 Oct 2001 13:42:01 -0400
From:      Brandon Fosdick <bfoz@glue.umd.edu>
To:        stable@FreeBSD.ORG
Subject:   Re: Why sshd:PermitRootLogin = no ?
Message-ID:  <3BBDF0E9.20BA0F56@glue.umd.edu>
References:  <19436.1002297239@axl.seasidesoftware.co.za> <20011005120139.D10847@pir.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Peter Radcliffe wrote:
> 
> Sheldon Hearn <sheldonh@starjuice.net> probably said:
> > Why is sshd's PermitRootLogin set to 'no' in the default installation of
> > FreeBSD?
> 
> Because it's sensible.

Given the semi-recent articles on determining passwords from sniffed ssh packets
which is least secure? Allowing remote root logins over ssh or su'ing to root?
It's my understanding that the aforementioned sniffing method doesn't work on
the initial ssh login, only on passwords typed after that (i.e. while su'ing). 

It seems to me that neither method is all that secure, so maybe the default
should be based on convenience?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BBDF0E9.20BA0F56>