-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Petr Klíma wrote:
John Andersen wrote:
I don't think that is a universally accepted setup. The only risk to root ssh logins is based on ancient flaws and timing attacks in long obsolete versions of ssh.
It has other reason - noone can do successfull dictionary attack on root account when it's not allowed to login as root. You can try to rule out this possibility by using strong password, but it might be wiser to restrict root login from trusted IPs or deny it completely (while using strong root password of course).
Tosuja
If for any reason you need to allow plaintext passwords (e.g. the Symbian version of PuTTY only handles plaintext passwords) then this is a very good idea. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGWp6basN0sSnLmgIRAlt+AJ4yl0DG9ta7JK7AWdRAvqYo4pV+nACffLEn zJ5ss9CSKECkKNbd0/Fphok= =4+2d -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org