Re: Why Disable Root ssh login?

To: debian-user@lists.debian.org
Subject: Re: Why Disable Root ssh login?
From: Dave Ewart <davee@sungate.co.uk>
Date: Fri, 15 Dec 2006 16:59:26 +0000
Message-id: <[🔎] 20061215165926.GA5413@sungate.co.uk>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 1166169318.6399.363.camel@tower>
References: <[🔎] 45824494.4090904@gmail.com> <[🔎] 1166169318.6399.363.camel@tower>

On Friday, 15.12.2006 at 15:55 +0800, Tim Post wrote:

> Leaving root enabled via SSH, you're doing half of the hacker's work
> for them.

A half-way house option is to only allow root logins via public/private
key, rather than via password.  To do this, put

PermitRootLogin without-password

into sshd_config.  This stops any direct password attacks.  It is less
secure than disabling access to the root account completely, but offers
a great deal of convenience that can sometimes be useful.

Dave.
-- 
Please don't CC me on list messages!
...
Dave Ewart - davee@sungate.co.uk - jabber: davee@jabber.org
All email from me is now digitally signed, key from http://www.sungate.co.uk/
Fingerprint: AEC5 9360 0A35 7F66 66E9 82E4 9E10 6769 CD28 DA92

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Why Disable Root ssh login?
  - From: Grok Mogger <linuximp@gmail.com>
- Re: Why Disable Root ssh login?
  - From: Tim Post <tim.post@netkinetics.net>

Prev by Date: Re: Re: dselect and resolving
Next by Date: Re: aptitutde: "untrusted versions of the following packages will be installed!"
Previous by thread: Re: Why Disable Root ssh login?
Next by thread: Re: Why Disable Root ssh login?
Index(es):
- Date
- Thread