On Fri, 2005-12-16 at 11:54, Dotan Cohen wrote: > I just spent a few minutes googling the subject, and it appears that > apache, mail, etc dont have passwords at all. So why do they bother > trying to SSH in on those names? Or will the root password let them in > (I'd try it before I ask, but I'm not home now and the machine is > behind a new router that I haven't configured for port forwarding > yet)? They are looking for any valid user id on the system that MIGHT have had a password set. Shotgun approach, hit them all and maybe one of them might work. > > If root is disabled from logging in via ssh, and I only have one other > real user on the system (who I WANT to let in), then is there no real > reason to use AllowUsers? > specifying the specific user by AllowUsers is best practice. If someone did set a password on one of those other accounts this would prevent it from being used for ssh access. > Also, if I post something here that I copied from the command line, like: > [sharon@localhost] $ > > is this insecure? Because that is saying "Here! Use user 'sharon' to > SSH me!". Should I be more careful in the future with that? Not a bad idea.
