also sprach Michael Stone <mstone@debian.org> [2006.05.07.1606 +0200]:
> >machines. On all these machines, sshd root login is restricted to
> >password-less login (RSA/DSA keys), so brute force attacks are never
> >going to succeed.
>
> Probably what you want to highlight, then, is a *successful* login.
Sure, those get logged anyway, as cracking attempts, because our
policy is never to log in as root. However, we leave
without-password in there and keep a separate root DSA key, just in
case.
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer and author: http://debiansystem.info
`. `'`
`- Debian - when you have better things to do than fixing a system
"i am not in favor of long engagements. they give people the
opportunity of finding out each other's character before marriage,
which i think is never advisable."
-- oscar wilde
Attachment:
signature.asc
Description: Digital signature (GPG/PGP)