Am Mon, 2002-02-25 um 09.48 schrieb Buchan Milne: > Alexander Skwar wrote: > > Hallo. > > > > When I installed my new machine I've chosen the "high" security level. > > I suppose that's the reason that in /etc/ssh/sshd.config root logins are > > disabled, correct? > > > > If so, why are root ssh logins disabled? I further suppose that is, > > because root ssh logins are "bad". Correct? Well, but why are they > > "bad"? In how far is it more secure to first ssh to a normal user > > account and then do a su to become root? > > > > Alexander Skwar > > Root login requires 1 secret. User login then su requires at least 3 > (username, userpassword/ssh key, root password) plus being in wheel > group (depending on other settings that occur in high). > > If you have setup ssh with keys, and are using ssh-add, there is no > additonal convenience to having root ssh logins (since you only have to > type the password once, and don't have to "-l root"), so why purposely > make it easier for crackers and more difficult for yourself?
Hi! I use ssh-agent and "ssh root@computer" to log into my gateway. It is much more comfortable than the userlogin and su way. I dont use Password login and have disabled it, only Key login. If i disable root Login, i cant login as root via key anymore. Feb 25 12:36:54 gw sshd[13160]: ROOT LOGIN REFUSED My english isnt very good, but are you saying, that it should go via keys? mfg Rene > -- > |----------------Registered Linux User #182071-----------------| > Buchan Milne Mechanical Engineer, Network Manager > Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 > Stellenbosch Automotive Engineering http://www.cae.co.za > GPG Key http://ranger.dnsalias.com/gpg.key >
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
