[Asterisk-Users] asterisk@home scary log
David McNett
nugget at slacker.com
Thu Feb 10 09:11:57 MST 2005
On 10-Feb-2005, Colin Anderson wrote:
> IMO, your best defence is an extremely strong root password; I am often
> mortified by looking at my logs and seeing all of the login attempts through
> SSH.
IMO, your best defence is leaving ssh's default setting which disallows
root logins entirely. There's no reason for a remote user to ever have
to log in as root. Root access should be obtained by a logged-in normal
user using sudo, or su.
Despite the fact that Linux distros seem to not support the wheel-group, you
can accomplish a similar effect using sudo.
--
David McNett <nugget at slacker.com>
http://slacker.com/~nugget/
More information about the asterisk-users
mailing list