Le 13/08/2012 10:58, Pascal Terjan a écrit :
Allowing login as root over ssh with a key can save things when for
some reason non local auth is down, like to fix the connection to the
ldap server (you can also create a local emergency account for that
usage).
Actually, David question was not
"is allowing root login through ssh a good idea ?"
which is not decidable anyway, but
"in order to prevent root login in default configuration, should also
make use of pam_listfile in ssh pam configuration file, which is
redundant and unknown currently of out security-assistant-wizard ?"
--
BOFH excuse #434:
Please state the nature of the technical emergency
