Hi Edward, > Continuing in the same vein: double check that the OpenSSH sshd_config has > PermitRootLogin set to no. If set to yes, this allows anyone to attempt to > login directly as root. Although I am not a security expert by any means, I > recall reading that this is not a good idea... Instead, you can login as > admin and then su to get root access.
...unless your box is cracked/0wn3d/compromised/whatever-you-want-to-call-it. It is all a matter of opinion. I remember Zeffie mentioning that the only way to succesfully 'restore' a box after it had been compromised and `su` had been tampered with was to log in as root directly. And I do recall Zeffie being a very decent, security conscious contributor to this list. It is therefore not all bad. Just remember to give the root account a *very* strong password and to change it pretty regularly. My personal favourite password is a generated password, hard to remember even by me. Mind you, I do not allow direct root logins (so I tend to agree with you). Mind you, again, that I have physical access to my machines. If you're colocating a few thousand miles away, make sure your ISP is a pretty decent one. "You get what you pay for" has been said many times before on these lists... and it's true. Don't save a few bucks if you really needn't. Have a great one... Nico _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
