Hi.
It's a question of setting weather you allow root remote login or not, some
distros dont, some do. It is also fairly simple to reject root login from
remote terminal, It surly improves security a bit :-)
check /etc/ssh/sshd_config
for PermitRootLogin yes/no
currently this value is set to yes by default ...
http://www.chiark.greenend.org.uk/pipermail/debian-uk/2003-July/001618.html
But you may want to disable root login from remote.
To explaint it:
If root is allowed to login from remote, it is simple and fast, and you do
not need an additional user created on the system for (root) to log in and do
root stuff. This is simple. But, if the remote system (from which) root in
coming is compermised, the main system is also compermised, and there are
many implications regarding not allowing root.
If root is not allowd to login from remote, then you need an additional user
for root, a thing you may want anyways, depending on hoe you build the
system. This user hoever, needs to have very good password, not mentioning
root account.
If any of your passwords, including root password are week, the whole issue
is trivial then, week passwords dont last long, and whichever user passwords
are compermized, eventually root password will also be compermized.
Hope i did not say too mutch :-)
Cheers
Szemir
On Sunday 21 September 2003 19:08, you wrote:
> Question, can you ssh into the machine using the root login? It is my
> understanding of ssh and scp that root login is denied by default.
>
> Darcy
>
> Nathanael Noblet wrote:
> > On Sunday, September 21, 2003, at 04:50 PM, Keith Robinson wrote:
> >> I am trying to transfer some files between two boxes on my lan. I
> >> thought I'd try scp since I've never used it.
> >>
> >> I do:
> >> scp -pr [EMAIL PROTECTED]:/home/keith/origin
> >> [EMAIL PROTECTED]:/home/keith/destination
> >>
> >> I get:
> >> [EMAIL PROTECTED]'s password:
> >>
> >> Now, If I type in the correct password I get:
> >> Permission denied, please try again.
> >> Permission denied, please try again.
> >> Permission denied (publickey,password,keyboard-interactive).
> >> lost connection
> >>
> >> If I type in the wrong password I get:
> >> Permission denied, please try again.
> >
> > Not positive, but I bet it thinks both passwords to both your boxes
> > are the same, if they are not, well then that won't work. Another
> > thought, I think you'll have an easier time if you ssh into the box
> > you want to scp from and do
> > scp -pr /path/to/file [EMAIL PROTECTED],...:/path/to/dest
> >
> > or if you were on the box receiving the files
> >
> > scp -pr [EMAIL PROTECTED]:/path/to/file /path/to/file
