What is confusing is the rc.config setting ROOT_LOGIN_REMOTE. It only covers telnet, which no sane security minded person would use anyway. The comments does not indicate this however, so one might think that no remote login was possible at all when this is set to "no", very ufortunate!
It would seem logical to let ROOT_LOGIN_REMOTE affect all kinds of remote shells, if possible, or at least put a comment on it that it only affects telnet.
Regards,
Simon Lodal
You're right, the fact deserves at least a comment in /etc/rc.config. But if you claim that a password authentication scheme is insecure even if protected communication channels (console, ssh, ...) are being used, then why would you use password authentication methods in the first place? (Passwords are useless if you don't honor the secret they provide.) ROOT_LOGIN_REMOTE is window-dressing anyway, unless you decline logins of ordinary users as well. The use of `su -' succeeding a login using a plaintext protocol and password authentication is even worse, revealing _two_ passwords. (I wonder who do we protect ourselves against...) From this standpoint, it might make sense to abolish the ROOT_LOGIN_REMOTE mimics completely and replace it with a general ALLOW_LOGIN_REMOTE and/or PLAINTEXT_LOGIN_REMOTE, effectual for all users of the system in question by disabling all unencrypted login options. To me, this approach is more modern than the other ones. Again, taste may vary... There still remains the legal problem with cryptography in some countries. But interesting legislative development is in sight... Roman. -- _ _ | Roman Drahtmüller "Freedom means that you can choose | CC University of Freiburg what you want to learn at a given | email: draht@uni-freiburg.de time." A. Becker, 1999 | - - People often find it easier to be a result of the past than a cause of the future.