Subject: re: sshd Change: PermitRootLogin = no
To: Bill Studenmund <wrstuden@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: tech-security
Date: 09/04/2001 13:36:00
[ On Sunday, September 2, 2001 at 23:51:06 (-0700), Bill Studenmund wrote: ]
> Subject: re: sshd Change: PermitRootLogin = no
>
> Yes, actually, it is about whether ssh is secure enough. Because as I said
> in a note to Curt, for years we have babbled on (when talking about
> default configs, etc.) about "secure" terminals, not "physically local"
> ones. So if ssh gives us a connection which "we" consider "secure", then
> we *are* being consistent within our own tools in allowing root to login.
Yeah, _HOWEVER_ nothing but the physical console is marked to be
"secure" BY DEFAULT on NetBSD. Turning PermitRootLogin off _IS_
consistent with past policy!!!!
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>