Subject: Re: PermitRootLogin in SSHd (WAS: Re: Telnet logins)
To: David Maxwell <david@vex.net>
From: Curt Sampson <cjs@cynic.net>
List: port-i386
Date: 08/31/2001 15:32:12
On Fri, 31 Aug 2001, David Maxwell wrote:

> My question was meant to say 'If you want to prevent direct root logins
> via the network, and force people to use individual accounts, and su,
> wouldn't you else want the same restriction on the console?' (Except in
> single-user mode, naturally)

You might, in which case you could mark the console as not being
secure. But as I said, in most circumstances, the console is as physically
secure as the machine itself. So if you have access to the console, you
have physical access to the machine, and you don't need any passwords
to get root on the machine, regardless of any of these settings.

> So you're going to improve sshd to respect the 'secure' flag then?

The way it's currently specified, the "secure" flag is honoured only
if the "on" flag is given. Since sshd is not a getty-type program,
it's never run on a particular terminal, and thus can't have the "on"
flag, and thus the "secure" flag would always be ignored anyway.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 3 5778 0123   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC
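The rule discussed above (the ttys(5) "secure" flag only counts when the
line is also "on", and a network daemon such as sshd has no ttys entry at
all) modelled as an added Python example. This is not code from the
thread or from NetBSD; the sample /etc/ttys lines are constructed for
illustration and the function names are my own.

```python
import shlex

# Constructed sample in ttys(5) format: name, getty command, type, flags.
# The console is "on secure" (the default); ttyE0 is "off secure", which
# is common for an unused virtual terminal; ttyE1 is "on" but not secure.
SAMPLE_TTYS = """\
# name  getty                          type    status  comments
console "/usr/libexec/getty Pc"        vt100   on  secure
ttyE0   "/usr/libexec/getty Pc"        wsvt25  off secure
ttyE1   "/usr/libexec/getty Pc"        wsvt25  on
tty00   "/usr/libexec/getty std.9600"  unknown off secure local
"""


def parse_ttys(text):
    """Parse ttys(5)-style text into {name: {"getty", "type", "flags"}}.

    Comments start with '#'; the getty command may be quoted, so the
    line is split with shell-style quoting rules.
    """
    entries = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = shlex.split(line)
        if len(fields) < 3:
            continue  # malformed line: need at least name, getty, type
        name, getty, ttype = fields[0], fields[1], fields[2]
        entries[name] = {"getty": getty, "type": ttype, "flags": set(fields[3:])}
    return entries


def root_login_permitted(entries, tty):
    """Apply the rule as stated in the message above.

    'secure' is honoured only when the line is 'on'. A login that is not
    bound to any terminal (the sshd case, tty=None) has no ttys entry and
    therefore never qualifies, whatever the file says.
    """
    if tty is None:
        return False
    entry = entries.get(tty)
    if entry is None:
        return False
    flags = entry["flags"]
    return "on" in flags and "secure" in flags


ENTRIES = parse_ttys(SAMPLE_TTYS)

if __name__ == "__main__":
    for name in ("console", "ttyE0", "ttyE1", "tty00"):
        print(f"{name:8s} root login permitted: {root_login_permitted(ENTRIES, name)}")
    print(f"sshd (no tty) root login permitted: {root_login_permitted(ENTRIES, None)}")
```

Dropping "secure" from the console line in this model (David's suggestion
of treating the console like the network) makes `root_login_permitted`
return False for it, while the sshd case is decided by sshd_config's
PermitRootLogin alone, exactly as the message argues.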