Am Montag 09 Februar 2009 14:15:35 schrieb Nikos Chantziaras: > Heiko Wundram wrote: > > Am Montag 09 Februar 2009 13:37:31 schrieb Nikos Chantziaras: > >> Stroller wrote: > >>> I install sudo, give my user wide sudo rights and then set > >>> "PermitRootLogin no" in /etc/ssh/sshd_config. > >>> (Critique of this measure welcomed). > >> > >> Since Hung already answered about the other problem, I'll just comment > >> on this. > >> > >> It's a bad idea if the machine is open to the Internet, especially since > >> it's easy to simply "su -" or "sudo" as a normal user. > ... > Er, didn't I actually say the same? If other people have network access > to the machine, disable root. You misunderstood something.
Err, no, you didn't say the same, at least not considering your quote (I didn't read the OP): Reading the above, you said that "PermitRootLogin no" is a bad idea (i.e., disabling root login via SSH is a bad idea), whereas I said the exact opposite (and you meant the exact opposite). But, as you meant the same as me, forget what I said or just take my rant as a clarification of your point. ;-) -- Heiko Wundram Gehrkens.IT GmbH FON 0511-59027953 | http://www.gehrkens.it FAX 0511-59027957 | http://www.xencon.net Gehrkens.IT GmbH Strasse der Nationen 5 30539 Hannover Registergericht: Amtsgericht Hannover, HRB 200551 Geschäftsführer: Harald Gehrkens, Daniel Netzer
signature.asc
Description: This is a digitally signed message part.
