On Monday 28 May 2007, G T Smith wrote:
Petr Klíma wrote:
John Andersen wrote:
I don't think that is a universally accepted setup. The only risk to root ssh logins is based on ancient flaws and timing attacks in long obsolete versions of ssh.
It has other reason - noone can do successfull dictionary attack on root account when it's not allowed to login as root. You can try to rule out this possibility by using strong password, but it might be wiser to restrict root login from trusted IPs or deny it completely (while using strong root password of course).
Tosuja
If for any reason you need to allow plaintext passwords (e.g. the Symbian version of PuTTY only handles plaintext passwords) then this is a very good idea.
When using ssh, there is no case where plain text passwords are sent over the network. Everything is encrypted. -- _____________________________________ John Andersen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org