[Eug-lug] source of ssh scanner
larry price
laprice at gmail.com
Wed Aug 25 12:42:18 PDT 2004
On Wed, 25 Aug 2004 12:23:53 -0700 (PDT), Jason <chanjb at yahoo.com> wrote:
> Unfortunately, the default for openssh is yes for
> PermitRootLogin. My experience is that most folks
> don't perform a lot of sshd configuration - if it
> works out of the box, they go with it.
>
hmm default on FreeBSD is no
but on OSX it's yes
don't have a debian or gentoo box handy to check
it's in /etc/sshd_config or /etc/ssh/sshd_config
depending
permitting remote root logins over ssh seems like a bad default
although the usual solution I've seen (multiple admins and
unrestricted sudo access, i.e. shared root) is no better, and in fact
may be worse in that there are multiple tokens which could be
compromised to gain all privs.
--
http://Zoneverte.org -- information explained
Do you know what your IT infrastructure does?
More information about the EUGLUG
mailing list