If I consider it, there are many more issues .. e.g. you should have console access available until ssh/sudo works. Harden_suse will take away su/sudo rights for plain users, and ssh will not let you in remotely as root. But this is only an issue if your server is at a remote data center or ISP :-) Rainer "Andreas Kunberger" <andreas.kunberger@itvd.uni-stuttgart.de> 22.05.00 12:21 To: rhoerbe@netpromote.co.at cc: Subject: Re: [suse-security] harden_suse documentation At 22 May 00, um 11:47 rhoerbe@netpromote.co.at wrote:

I learned to take care of two things with harden_suse: One more hint: harden_suse inserts in hosts.deny the line 'all execpt localhost' By this ssh-connetions to (open_)sshd are disabled.

mfg Andreas Kunberger -- Dipl.-Ing. Andreas Kunberger Institut fuer Textil- und Verfahrenstechnik Universitaet Stuttgart