Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] Root logins with ssh
  • From: RoMaN SoFt / LLFB!! <roman@xxxxxxxxxx>
  • Date: Mon, 05 Feb 2001 14:16:52 +0100
  • Message-id: <vt9t7tsfl33nrphusrc08kou3gabndsige@xxxxxxx>
On Mon, 05 Feb 2001 13:45:48 +0100, you wrote:

> Nevertheless I've noted the following behaviour when trying to login
>as root:
>1) If supplied passwd is incorrect, sshd tell so.
>2) If supplied passwd is right, you get:
>ROOT LOGIN REFUSED FROM roman
>
> So you could try to guest root passwd by brute force attack. I don't
>like that.

Auto-answer. Yes, it's corrected. Tested on SuSE 7.0.

roman@einstein:~ > rpm -qa |grep ssh
openssh-2.1.1p1-23

But... is it really necessary to disable root login if you use
encrypt communication like ssh???

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@xxxxxxxxxx
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

< Previous Next >
References