On Monday 28 May 2007, G T Smith wrote: > Petr Klíma wrote: > > John Andersen wrote: > >> I don't think that is a universally accepted setup. The only risk to > >> root ssh logins is based on ancient flaws and timing attacks in > >> long obsolete versions of ssh. > > > > It has other reason - noone can do successfull dictionary attack on root > > account when it's not allowed to login as root. You can try to rule out > > this possibility by using strong password, but it might be wiser to > > restrict root login from trusted IPs or deny it completely (while using > > strong root password of course). > > > > Tosuja > > If for any reason you need to allow plaintext passwords (e.g. the > Symbian version of PuTTY only handles plaintext passwords) then this is > a very good idea.
When using ssh, there is no case where plain text passwords are sent over the network. Everything is encrypted. -- _____________________________________ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
