With a properly configured firewall, dictionary attacks are pretty much a non-issue. My firewalls rate limit ssh connection attempts which pretty much stops dictionary attacks in their tracks. .... I still think no convincing case for limiting root ssh logins has come foreward.
I agree with what you said. The only reason why I disable ssh root access is to force myself (and other colleagues) to get use to log in with their normal user and su (if they have the root password) only when they really need it: When remote root ssh was allowed, some people always logged in as root, thinking for instance that compiling software required to be root when actually only the installation really require it. Just to make them more "security-aware" Best regards, Gael -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
