Re: [Cooker] [openssh-server] should sshd allow root login ?
On Sun, 9 Mar 2003, Olivier Blin wrote: Hi The defaut sshd installation allows root login. It could be a major security problem to allow root login by ssh. In /etc/ssh/sshd_config, I can see this: #PermitRootLogin yes. Perhaps would it be better to put PermitRootLogin no instead. Choose a different security level, and it will be done for you, and many other things you would want on a system connected to a network of any size. -- |Registered Linux User #182071-| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
Re: [Cooker] [openssh-server] should sshd allow root login ?
Choose a different security level, and it will be done for you, and many other things you would want on a system connected to a network of any size. Okay, perhaps should Standard security level be renamed to Weak ;) How can a user know what restrictions are applied for each security level ? A Details ... button in draksec to know what allows the security level would be helpful :) Olivier Blin
Re: [Cooker] [openssh-server] should sshd allow root login ?
On Sunday 09 March 2003 12:30 pm, Olivier Blin wrote: Choose a different security level, and it will be done for you, and many other things you would want on a system connected to a network of any size. Okay, perhaps should Standard security level be renamed to Weak ;) How can a user know what restrictions are applied for each security level ? A Details ... button in draksec to know what allows the security level would be helpful :) http://www.mandrakesecure.net/en/docs/msec.php -- Greg
Re: [Cooker] [openssh-server] should sshd allow root login ?
http://www.mandrakesecure.net/en/docs/msec.php Thanks but this page seems outdated: I can only choose between 3 security levels in draksec, while five are described in this page. Futhermore, it doesn't talk about sshd (or just a little). And it would be really helpful to add further descriptions in draksec :)
Re: [Cooker] [openssh-server] should sshd allow root login ?
Viestissä Sunnuntai 9. Maaliskuuta 2003 20:06, Olivier Blin kirjoitti: http://www.mandrakesecure.net/en/docs/msec.php Thanks but this page seems outdated: I can only choose between 3 security levels in draksec, while five are described in this page. Futhermore, it doesn't talk about sshd (or just a little). And it would be really helpful to add further descriptions in draksec :) man msec tells you how to change to different levels... Thomas
Re: [Cooker] [openssh-server] should sshd allow root login ?
On Sun Mar 09 21:47 +0200, Thomas Backlund wrote: Viestissä Sunnuntai 9. Maaliskuuta 2003 20:06, Olivier Blin kirjoitti: http://www.mandrakesecure.net/en/docs/msec.php Thanks but this page seems outdated: I can only choose between 3 security levels in draksec, while five are described in this page. Futhermore, it doesn't talk about sshd (or just a little). And it would be really helpful to add further descriptions in draksec :) man msec tells you how to change to different levels... But it doesn't actually say what the levels do (and what the various options for level.local and so forth are). -- Levi Ramsey [EMAIL PROTECTED] [EMAIL PROTECTED] The food of love is Mandrake root. GPG Fingerprint: 354C 7A02 77C5 9EE7 8538 4E8D DCD9 B4B0 DC35 67CD Currently playing: Billy Joel - Only the Good Die Young Linux 2.4.21-0.13mdk 14:50:00 up 22:38, 10 users, load average: 0.41, 0.35, 0.27
Re: [Cooker] [openssh-server] should sshd allow root login ?
man msec tells you how to change to different levels... Yes, but it doesn't tell me when sshd will allow root login. How can the user know that ?
Re: [Cooker] [openssh-server] should sshd allow root login ?
On Sunday 09 March 2003 02:57 pm, Olivier Blin wrote: man msec tells you how to change to different levels... Yes, but it doesn't tell me when sshd will allow root login. How can the user know that ? level 4 and higher I believe -- Greg
Re: [Cooker] [openssh-server] should sshd allow root login ?
Viestissä Sunnuntai 9. Maaliskuuta 2003 21:56, Levi Ramsey kirjoitti: On Sun Mar 09 21:47 +0200, Thomas Backlund wrote: Viestissä Sunnuntai 9. Maaliskuuta 2003 20:06, Olivier Blin kirjoitti: http://www.mandrakesecure.net/en/docs/msec.php Thanks but this page seems outdated: I can only choose between 3 security levels in draksec, while five are described in this page. Futhermore, it doesn't talk about sshd (or just a little). And it would be really helpful to add further descriptions in draksec :) man msec tells you how to change to different levels... But it doesn't actually say what the levels do (and what the various options for level.local and so forth are). actually it states: For a fine description of each security level, consult the documentation under /usr/share/doc/msec-*/security.txt. and there you see what the different levels do... Thomas