On Tue, 7 Dec 2004, Matthew S. Hallacy wrote: > On Tue, Dec 07, 2004 at 02:19:19PM -0600, rpgoldman at real-time.com wrote: >> >> I'm no expert on PuTTy use, so I'm shutting up about that. But, >> absolutely AS SOON AS POSSIBLE, shut off remote root access through >> SSH! Once you've got a user account working, you'll be able to log in >> as a user and su to root for anything rootish you need to do. >> >> If you don't do this, the next time there's an sshd hole, your machine >> will be toast.... > > What kind of crack are you smoking? There is no good reason to turn off > remote root logins, beyond an extra password to type. Can you explain this further? I have the impression (or misimpression) that allowing root login is dangerous because if a vulnerability in sshd allows login without a password, an attacker can then login as root. If root login is not allowed, they must guess a username, and if that works for them, they still won't have root permissions. Anything that postpones a successful attack during the time between discovery of the exploit and application of the patch will be helpful. Is this way of thinking all wrong? I am happy to be corrected because I am not a computer expert. Mike _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list