https://bugzilla.mindrot.org/show_bug.cgi?id=3148
--- Comment #7 from Anderson Medeiros Gomes <[email protected]> --- Ok. The proposed solution sounds good to me. Thanks, Damien. Although sole host-based authentication for superuser is a bad security practice, I think that OpenSSH should be sufficiently flexible to allow such configuration and fit specific needs. I know that my request sounds weird. Please, could the documentation be patched to in order to clarify that refusing host-based root login is intentional? I propose something like this: ------------------------------------------- ----------- man(5) sshd_config ------------ HostbasedAuthentication Specifies whether rhosts or /etc/hosts.equiv authentication together with successful public key client host authentication is allowed (host-based authentication). /etc/hosts.equiv is always ignored for host-based superuser authentication. The default is no. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
