On Tue, Apr 1, 2008 at 4:45 AM, "Ciro Iriarte" <cyruspy@gmail.com> wrote: If you have to move hardware around just to change a line in the ssh configuration, it is annoying.
Regarding the regular user, as I stated before, not all servers need regular users, think about a cyrus imap black-box server... I'm just giving my impressions...
What stops you from having your own corp wide admin user in this case? and I'd suggest to name it somewhat non trivial already. root is most likely one of the most tried login attempts to my ssh daemon. so even though I need root right, I would never ever allow it to log in directly via SSH. call me paranoid, but I prefer somebody hacking in a dummy user account and then having to break a su password in plus. And the log file of failed login attempts shows me it's not the worst to do... why have them 'only' guess the password, if I can have them guess user AND password combinations? An alternative of course would be to rename root. Dominique --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org