Re: root login

From: Lars G. Sander (lgs.bugtraq@bluewin.ch)
Date: 12/03/02

  • Next message: Paul Thomas: "Re: Such a question"
    From: "Lars G. Sander" <lgs.bugtraq@bluewin.ch>
    To: André Valente - involved <involved@ptlab.org>, secureshell@securityfocus.com
    Date: Tue, 3 Dec 2002 22:18:39 +0100
    
    

    André,
    a root login is _always_ insecure. There is no grey margin. The only question
    is: When will it break? Never ever do root logins.

    regards,
    Lars

    On Monday 02 December 2002 19:46, André Valente - involved wrote:
    > Hi,
    >
    > Remember when I asked for something to allow root login from some hosts and
    > deny from others? well.. I think i found out something and I would like you
    > to tell me if this is really secure and if it works.
    >
    > Has i have only 4 users (root + 3), I did it with:
    >
    > AllowUsers root@host1 root@host2 root@host3 user1@* user2@* user3@*
    >
    >
    >
    > Thanks to everybody who helped,
    >
    > --------------------------------------
    > André Valente
    > (involved@ irc.ptnet.org)
    >
    > involved@ptlab.org
    >
    > PtLab - System Administration,
    > Development and Research
    >
    > Portugal