I'm very happy with the team of e-smith and wish you all a good and sucessfully new year 2001. I'm using in 'Remote access': Secure shell (ssh) access: public Allow administrative command line access over ssh: no Allow ssh access using standard passwords: yes So I can log in with my normal user account and then make a 'su root' to administrate the server. I tried a few wrong passwords and after a reconnect of the stopped SSH connection I was able to guess other passwords. It seemed that there is no limit. Would it not be useful to limit the password tries of normal accounts to 3 or 5 and then block the account with 'passwd -l <account>' until a specific time or/and reset it with the e-smith-password ? Michael Jung ----- Kassel University Michael Jung (FB16 IEE-RE) Wilhelmshoeher Allee 73 D-34121 Kassel Fon. +49 561 804-6201 /-6377 Fax. +49 89 1488-205245 PGP Public Key Fingerprint http://wwwkeys.pgp.net 1ACD B36E 6BB2 60C6 CD35 2917 5B5D 5938 63F2 3065
