On Tue Sep 18, 2001 at 03:24:10PM +0200, Florin wrote:
> > I think msec is the only solution. msec can allow/disallow login from
> > the console, the same solution should apply. If you allow root at the
> > console, I don't see why allowing root via openssh is any more of a
> > security risk. If someone is willing to take the time to brute-force
> > your root password, someone could just as easily take the time to
> > brute-force your home's locks. I'd wager someone could break into
> > your house (yours, mine, whomevers) faster than they could brute-force
> > your root password.
> >
> > It's a careful balance. If you have no need to ssh in as root, then
> > by all means set msec to level 4 and disable it. I think most people
> > don't see the difference between sshing as root or su'ing as root an
> > sshing as a regular user.
>
> Ok, I'll disable root ssh login in the 4th and 5th levels of security.
Good stuff, Florin. =)
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD
- Danen Consulting Services www.danen.net, www.freezer-burn.org
- MandrakeSoft, Inc. Security www.linux-mandrake.com
Current Linux kernel 2.4.8-24mdk uptime: 1 day 5 hours 39 minutes.
PGP signature
