On Samstag 17 Januar 2009, Grant wrote: > >> >> an ssh config setting, in shorewall, or somewhere else? > >> > > >> > You can: > >> > > >> > 1) use pam as described by Mike > >> > > >> > or > >> > > >> > 2) use sshd_config "AllowUsers" > >> > >> Thanks a lot, I went with 'AllowUsers root' in sshd_config since sshd > >> is the only service running on the system. > > > > I really would not do that. Instead create a user to log in and su to > > root. Root should not be allowed to log in - way to risky. > > Is the idea to put 2 passwords in the way of gaining root access?
one key+username and one password. > The > problem is twice as many passwords to memorize. Even if the 2 > passwords are the same, I suppose they would have to come up with the > username too which is a (thin) extra layer. just use pubkey for ssh. It is much saver anyway.
