FreeBSD, and I would have to assume OpenBSD have root login via ssh disabled by default. It doesn't make much sense why linux distros don't change this, but it doesn't make sense why MySQL is shipped without a root password either. I guess someone thinks it's a good idea, or doesn't think it's a bad enough idea to fix a common sense security flaw. storkus@storkus.com wrote: > OMG, I didn't know that! I'm willing to bet a lot of people on the list > didn't, either! I guess I'm just lucky as, since I don't need it, I > don't run it. > > Mike > > On Wed, 21 May 2008 11:32:08 -0500, alex@crackpot.org said: > >> Quoting "der.hans" : >> >> >>> Am 20. Mai, 2008 schwätzte Erich Newell so: >>> >>> >>>> If you do this however...I highly recommend editing the /etc/ssh/sshd_config >>>> file to not allow root logon. >>>> >>> Shouldn't sshd generally be configured to not allow logging in as root? >>> >> It should. But even recent distros like RHEL5 shipped sshd_config >> with 'PermitRootLogin yes', which for some unfathomable reason is the >> default set by the OpenSSH project. >> >> I just checked the source code for OpenSSH 5.0p1, which is the most >> recent stable release I could find, and 'PermitRootLogin yes' is still >> the default in sshd_config. >> >> http://mirror.mcs.anl.gov/openssh/portable/openssh-5.0p1.tar.gz >> >> alex >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss