Subject: re: sshd Change: PermitRootLogin = no
To: Bill Studenmund <wrstuden@netbsd.org>
From: Curt Sampson <cjs@cynic.net>
List: tech-security
Date: 09/10/2001 12:50:34

On Thu, 6 Sep 2001, Bill Studenmund wrote:

> Uhm, I think the people who make both commercial ssh and openssh fuss
> quite a lot about unix security. And they see value in having direct root
> logins be the default.

I'm not convinced of this. It would seem to me that if they were
reasonably paranoid, they would ship ssh with *all* authentication shut
off by default, and each individual installing it would then be forced
to tune it to his particular policy. And this would get rid of potential
sources of error in policy. For example, if the sshd config file is
somehow removed or made unreadable to sshd, it shouldn't open up new
avenues of authentication that were not open before (as may happen now).

In short, sshd is not fail safe WRT its config file. I had a look over
the web site, and I can't see anything justifying this.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 3 5778 0123   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC
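
An added example, not part of the message above and not OpenSSH code: one way to check for the condition the message describes, by reporting an unreadable sshd config file and any authentication keyword the file does not set explicitly. The keyword list, the function names and the sample text are assumptions of this example, and `Include` directives are not followed.

```python
import re

# Real sshd_config keywords; which ones to require is this example's choice.
AUTH_KEYWORDS = ("permitrootlogin", "passwordauthentication", "pubkeyauthentication",
                 "hostbasedauthentication", "permitemptypasswords",
                 "kbdinteractiveauthentication")

# Keyword and argument are separated by whitespace or by one "=".
DIRECTIVE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(\S+)")

# Constructed sample, not taken from any real host.
SAMPLE = """\
PermitRootLogin no
PasswordAuthentication = no
PermitRootLogin yes
#PubkeyAuthentication yes
PermitEmptyPasswords=no
Match User backup
    HostbasedAuthentication no
"""

def explicit_settings(text):
    """Global directives as {keyword: value}; the first occurrence wins, as in sshd."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = DIRECTIVE.match(line)
        if not m or line.startswith("#"):
            continue
        key, value = m.group(1).lower(), m.group(2).lower()
        if key == "match":  # conditional blocks do not pin the global policy
            break
        found.setdefault(key, value)
    return found

def unpinned(text):
    """Auth keywords the text leaves to whatever the daemon's defaults are."""
    settings = explicit_settings(text)
    return [kw for kw in AUTH_KEYWORDS if kw not in settings]

def audit(path):
    """Findings for one config file; an empty list means every keyword is pinned."""
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    except OSError as exc:
        # The case the message raises: with no readable file, nothing is pinned.
        return [f"{path}: unreadable ({exc.strerror}); no explicit policy in force"]
    return [f"{kw}: not set, daemon default applies" for kw in unpinned(text)]

if __name__ == "__main__":
    print(unpinned(SAMPLE))
```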