2006/11/23, Igor Sobrado <[EMAIL PROTECTED]>: > > Hi again! > > I have a question on the default behaviour of OpenSSH. >
.... Someone that really wants to allow remote root logins should be able to > enable this feature just changing /etc/ssh/sshd_config. But, in my > humble opinion, most users do not really want this dangerous feature > enabled by default. And, even on small network appliances, an > unprivileged > account in the wheel group (and even in the operator group) is a good > management practice. > > I'm neither OpenBSD nor an OpenSSH developer, but I think, the main idea of enabling root by default in OpenBSD is... protection from weak passwords! Just look at this. When you're installing OpenBSD, systems asks for a root password. You're setting a reasonably strong password, and proceed with a rest of install process. After installation and (remote) configuration, if you would like to make you system a bit more secure, you just have to change PermitRootLogin from yes to no. And that's all. Now imagine root login is disabled by default. In this situation, during installation procedure, you should: * set root password; * add unprivileged user and set his password; Most of the people doesn't really much care, and then it comes to "please create new password" second time (for unpriv user), they think "That's the sh*t, f*ck%ng password again!" and types really weak or similar to previous pasword. Typically, next their step is to configure sudo to run any command with NOPASSWD. And here comes the real hole: ssh login with weak password & sudo ksh. People often think: "I'll mess with security later, after configuring all this server stuff". Resume. If you set weak password, you system is vulnerable anyway. If you set strong password, don't bother about all those kiddie stuff like ssh scanners and about PermitRootLogin. With second unprivileged user added along with root during installation, your chances to lose is higher.
