On Thu, 6 Sep 2001, Steven M. Bellovin wrote:

> I personally administer four NetBSD machines, not 300 -- but even with 2,
> I want a better way to handle patches and upgrades.  No two of my four
> machines have a consistent set of patches, a fact I'm not proud of.

Mmmm, well, "PermitRootLogin yes" isn't *quite* a full solution to this
problem. :-)

> >Or has this thread changed from a discussion of what NetBSD should ship
> >with as a default to what individual admins should set (or be compelled
> >to set) at their sites?
>
> I think that that's the wrong question.  I want to know what NetBSD
> should do structurally so that either choice is safe.

Maybe this:

Modify ssh so that if you log in as root, you must authenticate twice,
once as a user in the wheel group, and once as root. You'd be able to
use any of the standard authentication methods (password, key, etc.) for
each authentication, of course.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 3 5778 0123   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC