On 5/29/08, Gilles <[EMAIL PROTECTED]> wrote: > Hello > > With all those scripts trying to connect to SSHd as "root", I was > wondering if it'd be OK to rename this account to eg. "homer", to act > as a first line of defense?
I doubt it. > > Are there unknown consequences to doing something like that? > Probably, but if we knew what they were, they wouldn't be unknown. > If not, is it done by just editing /etc/password with vi, or is there > a better way? > Use vipw. That invokes vi (or your default editor if that's not vi) to edit the account database (which isn't actually /etc/passwd), and when you exit from vi, it runs the scripts necessary to update all the right things. Lots of peeps have already pointed out the downside of this, but if you really think it's what you want to do, probably the best way to do it is to create a second admin account named "homer" or whatever. In /etc/passwd, the "toor" account is an example of this (it is disabled by default). They both have UID 0 and are effectively the same account, just accessed by different names and passwords. Then change the root password to be invalid, so the attackers can hack away all day and have no chance of guessing the root password. You do that by putting a * in the password field (the second field) while you are in vipw. I (along with many others) think you should find a solution that doesn't require remote admin logins, but while you do the reading necessary for that, this at least seems to quickly accomplish your goal. - Bob _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"