I'll probably get flamed for this but... On my boxes I leave root able to SSH, but I also give root a 12 char password from a random-char-gen thingy. Makes it hard to remember/brute force my passwords so I feel OK. I'm also using the latest OpenSSL/OpenSSH so I think my risk of exploit is small. Let the flames begin.
/B ----- Original Message ----- From: "DuSTiN KRySaK" <[EMAIL PROTECTED]> To: "Redhat Mailing List" <[EMAIL PROTECTED]> Sent: Friday, March 07, 2003 14:00 Subject: Ssh and root risk > Quick question.. > > I na one user environment - is leaving root able to SSH in bad? I mean I > know typically you are to disable SSH access for ROOT. But I am wondering > why? Are there known exploits? If I am the only person with access to this > machine, is there an issue? > > > Sorry for the newbie security question. > > d > > > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list