On Tuesday 24 July 2007 11:33:26 Norberto Meijome wrote: > On Wed, 30 May 2007 02:06:38 -0700 > > [EMAIL PROTECTED] wrote: > > * If "root" cannot log in remotely, a cracker has to guess three > > guess or brute force - so quite long random passwords (or ssh keys) are > extremely recommendable. > > > things to obtain root access, instead of just one: > > > > + A valid username which is in the "wheel" group; > > + That user's password; > > + The root password. > > that is assuming, of course, that the user your just logged in with belongs > to wheel.
If one must allow root logins via ssh, I recommend in sshd_config: PermitRootLogin without-password This will force the use of a passphrase and disallow root login with just a password. _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"