@openbsd.org
Subject: Re: sshd_config(5) PermitRootLogin yes
Paul de Weerd escreveu:
On Thu, Jul 10, 2008 at 01:21:20PM -0400, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time
On Fri, 11 Jul 2008 07:16:38 +0100, Tomas Bodzar wrote:
You can setup weak root password during install ;-)
There is no test,so I can use root,password,admin and so on.
Who gives a fluck? OpenBSD gives you all the tools, even if they are
too sharp for dull blunts.
If you don't like the
Brian A. Seklecki wrote:
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better
informed. i wish this mailing list had
I didn't want to rehash it all again. Everyone knows the issues.
so put your own /etc/ssh/sshd_config into your
My 4.3 installs defaulted to PermitRootLogin yes after install.
-HKS
On Thu, Jul 10, 2008 at 10:35 AM, Brian A. Seklecki
[EMAIL PROTECTED] wrote:
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a
On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote:
Am I reading this right?
Yes.
[...]
I remember that I filed PRs with FreeBSD/NetBSD a few years ago to get
this changed, but Redhat Support is giving some some noise about:
Well the source vendor doesn't disable it by
Brian A. Seklecki wrote:
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a fresh install anywhere -- but I want to say that it doesnt
default to PermitRootLogin yes after the install.
I
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Brian A. Seklecki
Sent: Thursday, July 10, 2008 10:35 AM
To: misc@openbsd.org
Subject: sshd_config(5) PermitRootLogin yes
Am I reading this right?
http://www.openbsd.org/cgi-
Of course it is enabled by default. Why do I want a box that is
freshly installed and unreachable?
On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote:
Am I reading this right?
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged
account, edit the sudoers file.. and disable root logins in sshd_config.
I believe the developers decision is
On Thu, Jul 10, 2008 at 01:21:20PM -0400, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
edit the sudoers file.. and disable root
On Thu, Jul 10, 2008 at 07:40:47PM +0200, Paul de Weerd wrote:
root logins are also quite useful when /home is on NFS and NFS is
broken somehow and you need to log in to fix stuff. Myself, I keep it
enabled, even if I don't have /home on NFS and already have my
less-privileged user for sudo
On Thu, 10 Jul 2008, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
On Soekris, does the first boot console access not function
afterboot(8) covers this
Works for me, I guess. =/
~BAS
http://www.openbsd.org/cgi-bin/man.cgi?query=afterbootapropos=0sektion=0ma
npath=OpenBSD+Currentarch=i386format=html
Paul de Weerd escreveu:
On Thu, Jul 10, 2008 at 01:21:20PM -0400, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
edit the
On Thu, 10 Jul 2008, Marco Peereboom wrote:
Of course it is enabled by default. Why do I want a box that is
freshly installed and unreachable?
No -- I just find that most of afterboot(8) can be done from the console;
even serial console, at first boot, configure the network, add a non-root
On Thu, Jul 10, 2008 at 01:38:22PM -0400, Brian A. Seklecki wrote:
I guess I'm just having trouble imagining the situation where you have
console access, but need to do basic post-install configuration via the
network, as root, remotely.
This is how I normally do it. I don't like to stand at
And they got it all wrong. It is all for the perceived sense of
security. Not being able to login over ssh right after install sucks.
I am that guy that ends up enabling it on all other boxes that use a
different default.
The machine I install and then deploy to be hostile network connected
Marco Peereboom wrote:
And they got it all wrong. It is all for the perceived sense of
security. Not being able to login over ssh right after install sucks.
I am that guy that ends up enabling it on all other boxes that use a
different default.
The machine I install and then deploy to be
Dude,
Why do you let them tell you because the source blah blah? Isn't
that why you pay them lots of $$?
On 7/10/08, Brian A. Seklecki [EMAIL PROTECTED] wrote:
Am I reading this right?
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better informed. i wish
this mailing list had
I didn't want to rehash it all again. Everyone knows the issues.
However, with respect to the right to disagree, if Marco's and Darrin's
belief
On Jul 10, 2008, at 9:19 PM, Brian A. Seklecki [EMAIL PROTECTED]
wrote:
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better
informed. i wish this mailing list
There is a security risk / attack vector here, however remote,
without
On Fri, Jul 11, 2008 at 12:19:27AM -0400, Brian A. Seklecki wrote:
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better
informed. i wish this mailing list had
I didn't want to rehash it all again. Everyone knows the issues.
However,
22 matches
Mail list logo