Re: Ssh and root risk

2003-03-11 Thread Bret Hughes
On Tue, 2003-03-11 at 09:23, Bill Carlson wrote: > On Sun, 9 Mar 2003, Mikkel L. Ellertson wrote: > > > I preferrer to set root to "PermitRootLogin without-password" so you can > > only log in with a valid key pair. As long as you have a good password > > on the private key, it makes it hard fo

Re: Ssh and root risk

2003-03-11 Thread Bill Carlson
On Sun, 9 Mar 2003, Mikkel L. Ellertson wrote: > I preferrer to set root to "PermitRootLogin without-password" so you can > only log in with a valid key pair. As long as you have a good password > on the private key, it makes it hard for anyone to log in. They have to > get the private key, a

Re: Ssh and root risk

2003-03-09 Thread Mikkel L. Ellertson
On Fri, 7 Mar 2003, David Busby wrote: > I'll probably get flamed for this but... >On my boxes I leave root able to SSH, but I also give root a 12 > char password from a random-char-gen thingy. Makes it hard to > remember/brute force my passwords so I feel OK. I'm also using the > latest Ope

Re: Ssh and root risk

2003-03-07 Thread DuSTiN KRySaK
Yeah I can see that.. Was just curious.. I am going to disable the root ssh access, and ad my user id to the sudoers file, and then I can do stuff that way. d On 3/7/03 2:10 PM, "Bart SCHELSTRAETE" <[EMAIL PROTECTED]> spit this out onto my computer screen: > DuSTiN KRySaK wrote: > >> Quick q

Re: Ssh and root risk

2003-03-07 Thread Bart SCHELSTRAETE
David Busby wrote: I'll probably get flamed for this but... On my boxes I leave root able to SSH, but I also give root a 12 char password from a random-char-gen thingy. Makes it hard to remember/brute force my passwords so I feel OK. I'm also using the latest OpenSSL/OpenSSH so I think my risk

Re: Ssh and root risk

2003-03-07 Thread David Busby
exploit is small. Let the flames begin. /B - Original Message - From: "DuSTiN KRySaK" <[EMAIL PROTECTED]> To: "Redhat Mailing List" <[EMAIL PROTECTED]> Sent: Friday, March 07, 2003 14:00 Subject: Ssh and root risk > Quick question.. > > I na one us

Re: Ssh and root risk

2003-03-07 Thread Bart SCHELSTRAETE
DuSTiN KRySaK wrote: Quick question.. I na one user environment - is leaving root able to SSH in bad? I mean I know typically you are to disable SSH access for ROOT. But I am wondering why? Are there known exploits? If I am the only person with access to this machine, is there an issue? Sorry for

Ssh and root risk

2003-03-07 Thread DuSTiN KRySaK
Quick question.. I na one user environment - is leaving root able to SSH in bad? I mean I know typically you are to disable SSH access for ROOT. But I am wondering why? Are there known exploits? If I am the only person with access to this machine, is there an issue? Sorry for the newbie security