[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh and root logins

> /etc/ssh/sshd_config:
> PermitRootLogin no
> You will have to login as ordinary user, and than do "su -".

That's not so convenient for doing nightly rsync backups over ssh though.
I know what keys to expect coming in for this - hence the question about
disallowing password login for root, but still allowing root login with
known keys.
> Use tcpwrappers to limit users and IP addresses:
> /etc/hosts.allow:
> sshd: peter@xxx.xxx.xxx.xxx

Currently I have not seen attacks on normal user accounts and don't feel
the tradeoff of limiting normal users (who are all trusted in my case) is
worth the hassle.  Obviously this might not be true any more in the

Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
pgp key available

Reply to: