On Tue, 2004-09-14 at 23:03, Alexander Dalloz wrote: > Am Di, den 14.09.2004 schrieb James Kosin um 15:27: > > > Just an update: > > ~ 2) I've also made it so root can not login via ssh. This was to > > circumvent some of the problems with the recent sshd attacks. To block > > or not allow root to login, change the /etc/ssh/sshd_config file and add > > a line that has 'DenyUsers root' > > ~ This change does not block the attempt; but, it does block root from > > loging in. You can still login as a normal user and do an 'su -' to get > > root. > Hmm.. If you look at that file again, you'll notice this line as well.. PermitRootLogin no Does the same thing. > To prevent to let the script kids find their target on my hosts running > a public available sshd, I changed the listening default port from 22 to > something different. > Comment: this is no security setting, Security by obscurity.. :-) > > James Kosin > > Alexander -- Ow Mun Heng Fedora GNU/Linux Core 2 on D600 1.4Ghz CPU kernel 2.6.7-2.jul1-interactive Neuromancer 00:47:53 up 15:32, 8 users, load average: 0.42, 0.79, 0.66
