Re: A great answer to dictionary attacks on root

Ignoramus7715 wrote:

PermitRootLogin without-password

That means that root logons are allowed ONLY with keys. No passworded
logins are allowed as root -- one MUST have a key.

I'd say a
PermitRootLogin no
would be more secure. After all you can use su do gain root privileges.
--
---
Cezary Morga
.

Relevant Pages

  • Re: RSA vs AES
    ... Common Root certificate shared across millions of keys. ... those browsers check for revoked root CA keys? ...
    (sci.crypt)
  • Re: openssh
    ... authorized* key file permissions as well. ... Also you may not have keys setup for root on that system. ... immediately delete the entire communication, ...
    (AIX-L)
  • Re: Half O.T.(Keypad Functions On Sharp)
    ... Why waste Space on the keypad? ... root are used more often than other powers or roots. ... both common log and natural log keys). ...
    (comp.sys.hp48)
  • Re: [PATCH 06/45] KEYS: Make the keyring quotas controllable through /proc/sys [ver #35]
    ... bytes of data that root may have stored in those keys. ... Beause suexec doesn't work in an AFS environment, each instance is started by root with its own IP and in a PAG with a separate token for a service user. ... Although each apache switches over to the service user, the initial tokens are acquired by root. ...
    (Linux-Kernel)
  • Re: SSH as root
    ... Subject: SSH as root ... That's too bad, I mean, that keys are a benefit from poor choices (i.e., ... On the server side, no. ... If someone compromises a system, every single thing other than the passwords ...
    (SSH)