SSH2

Nathaniel Hall halln at otc.edu
Thu Apr 7 12:33:57 UTC 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

|>Another good practice is to turn off root logins;
|>
|>In /etc/ssh/sshd_config:
|>
|>PermitRootLogin no
|>
|>I believe this is set to "yes" by default on RedHat (at least RH9 it
|>is defaulted to yes).
|
|
| But that doesn't prevent someone from doing 'su -' does it?

No, it does not.  The thinking is to make it harder for somebody to
figure out a username and password for SSH login and then trying to
figure out a password to su - to root.  Since it takes more time to
figure out usernames and passwords than just passwords, you are more
likely to discover the break in attempt.

- --

Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln at otc.edu
417-447-7535
GPG Public Key ID: 0xAC187312
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)

iD8DBQFCVSi0c+QrUawYcxIRAqLHAJwP+DyO/e1u05uaQRhSyOdDmItkyACfUW+j
fcMuK1BsSfgQhk/WGBUCdxE=
=l60q
-----END PGP SIGNATURE-----




More information about the redhat-list mailing list