2008/3/31, Hans Witvliet
On Sun, 2008-03-30 at 22:24 -0400, Ciro Iriarte wrote:
3) disable root access. PermitRootLogin Specifies whether root can log in using ssh ==> The default is "yes". <== Horrible!!
This would be an idea.
That would be annoying, I have some servers were I don't have regular users or LDAP authentication (not all of them need to in our datacenter) and with this disabled I still would need to pull a serial console from somewhere to change this and have access to the headless server even though the sshd is up and running after installation (remote installation case)
Why annoying? It only implied that for *remote* logins, you have to use a oridinary user-account, and then do a "su -" or a "sudo" Anyway, it was a suggestion for the _default_ config, People like you, who know what you're doing, can change it easily anyway they want.
If you have to move hardware around just to change a line in the ssh configuration, it is annoying. Regarding the regular user, as I stated before, not all servers need regular users, think about a cyrus imap black-box server... I'm just giving my impressions...
hw
Regards, Ciro --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org