[CentOS] SSH Automatic Log-on Failure - Centos 5.5
Stephen Harris
lists at spuddy.orgThu Jan 27 11:45:06 UTC 2011
- Previous message: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
- Next message: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Jan 27, 2011 at 07:59:30AM +0000, John Hodrien wrote: > On Thu, 27 Jan 2011, Nico Kadel-Garcia wrote: > > > Wrong again. Never use public key access for root accounts, it simply > > compounds the security risks. Passphrase protected SSH keys can be > Is this actually current doctrine for typical machines? I thought plenty of > people advocated restricting ssh to AllowRoot without-password. What exactly Correct. PermitRootLogin without-password is the recommended approach if you must allow remote root login via ssh It's even better to deny remote root at all (login as normal user then sudo/su as necessary), but practicallity says it's needed, so "without-password" will stop you from being able to use the password and force you to use public keys or other non-password authentication. -- rgds Stephen
- Previous message: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
- Next message: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list