> > you are warned, do not allow SSH to your box with user root at all. > ... > Having root logon enabled remotely is just asking for trouble.
The O.P. might be interested in knowing *why* allowing remote root login is considered unwise: * The name "root" is very well known. * If "root" can log in remotely, a cracker need only guess root's password to obtain root access. * If "root" cannot log in remotely, a cracker has to guess three things to obtain root access, instead of just one: + A valid username which is in the "wheel" group; + That user's password; + The root password. This at least doubles the difficulty of a brute-force attack: even if a suitable username were obvious, there would still be two passwords to be cracked. It can be made even tougher by having only one username (other than root) in the wheel group, choosing that name as if it were a password, and not allowing it to be externally known (e.g. never using it for mail). _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
