On Sat, March 5, 2005 02:41, Matthew Vernon said:

> Please read README.Debian before submitting your bug reports - this is
> good practice for any package, not just ssh.
You're absolutely correct, I should have done that, sorry.

If you permit, I'd like to ask a question about this. To me, the text in README.Debian is not clear on the following point: how is allowing root login just as secure as not allowing that? You write:

"If you set it to no, then they must compromise a normal user account. In the vast majority of cases, this does not give added security; remember that any account you su to root from is equivalent to root - compromising this account gives an attacker access to root easily."

As I understand this, the hacker has to do the following to gain superuser privileges.

PRL-on:
1. Know the root password.

PRL-off:
1. Compromise a normal user account (one that allows su-ing).
2. Know the root password or a local root exploit.

The second one is hence more difficult than the first one (compromising two accounts is inherently more difficult than one). Step (1) can be more challenging because you need to know a valid username (also not always trivial, since systems are configured by default not to leak this information). So to me it just seems to add some extra security to the whole thing, doesn't it?

I've done some web searching and found out that many security documents / HOWTOs / manuals advise to turn this off, and found none that actually advise to turn it on.

Secondly, I don't see the great advantage of turning it on. You might argue whether turning it off makes things more secure or not, but in the worst case it's at least just as secure as turning it off. I don't see a good reason to allow remote root logins *by default* to newly installed boxes, and those who have a good reason to want it can easily turn it on.

I'm interested in your views on this matter.

Regards,
Thijs Kinkhorst
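The thread above turns on what `PermitRootLogin` is actually set to on a given host. The script below is an added example (not part of this mailing-list thread and not code from Debian's ssh package) that audits an `sshd_config` for the effective global value of that directive. It models two parsing rules of `sshd_config` that trip up casual greps: for each keyword the first value in the file wins, and anything after the first `Match` line is conditional and so not the global setting. The sample config is constructed, only full-line `#` comments are treated as comments, and the fallback default is passed in by the caller because it depends on the OpenSSH version (it was `yes` at the time of this thread and has been `prohibit-password` since OpenSSH 7.0).

```python
"""Audit an sshd_config for the effective global PermitRootLogin value.

Added example for the README.Debian discussion above; not code from the
thread or from the Debian ssh package.
"""
import re

# Constructed sample config; not taken from any real host.
SAMPLE_CONFIG = """\
# /etc/ssh/sshd_config  (constructed sample)
Port 22
#PermitRootLogin no
PermitRootLogin yes
PermitRootLogin no
PasswordAuthentication yes

Match User backup
    PermitRootLogin no
"""

# "Keyword value" or "Keyword=value"; keywords are case-insensitive.
_DIRECTIVE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9]*)(?:\s+|\s*=\s*)(\S.*?)\s*$")


def effective_value(config_text, keyword, default):
    """Return the global value of `keyword` as sshd would see it.

    Rules applied (assumptions documented in the lead-in):
      * full-line '#' comments and blank lines are skipped;
      * the FIRST occurrence of a keyword wins, later repeats are ignored;
      * parsing stops at the first 'Match' line, because directives inside a
        Match block only apply to matching connections;
      * `default` is returned when the keyword is absent, since the built-in
        default differs between OpenSSH versions.
    """
    wanted = keyword.lower()
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _DIRECTIVE.match(line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key == "match":
            break  # everything from here on is conditional
        if key == wanted:
            return value  # first occurrence wins
    return default


def audit_permit_root_login(config_text, default="prohibit-password"):
    """Summarise what kind of remote root login the config permits.

    Known values: yes (password or key), prohibit-password / without-password
    (key only), forced-commands-only (key with command= only), no.
    """
    value = effective_value(config_text, "PermitRootLogin", default).lower()
    return {
        "value": value,
        "root_password_login": value == "yes",
        "root_login_any": value != "no",
    }


if __name__ == "__main__":
    # At the time of the thread the built-in default was "yes".
    report = audit_permit_root_login(SAMPLE_CONFIG, default="yes")
    print("effective PermitRootLogin:", report["value"])
    print("root login with password allowed:", report["root_password_login"])
    print("root login by any method allowed:", report["root_login_any"])
```

Run against the sample, the audit reports `yes`: the commented-out `no` is ignored, the first live directive wins over the later `no`, and the `no` inside the `Match User backup` block does not change the global answer. Point it at a real file with `open("/etc/ssh/sshd_config").read()` to check a host's own setting.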