On Tue, 05 Dec 2000, Thornton Prime wrote:
> On Tue, 5 Dec 2000, K Old wrote:
>
> > Ok, I am in the same situation. I have installed the RPM for ssh 2.3 and
> > have started it. It is running under root right now, but I realize that
> > this might not be safe. How and is it necessary for me to start it as
> > nobody?
>
> Any process that handles logins needs to run as root, including ssh.
>
> OpenSSH is relatively well scruitinized for security holes. Use strong
> crypto and strong authentication to allow only trusted logins and you can
> make yourself even safer.
>
And, if possible, limit the logins to certain "trusted" IP addresses
(like from YOUR workstation to your server and not to the general
range of IPs on your network.)
John
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list