[Asterisk-Users] asterisk@home scary log
Derek Whitten
derek at kfuq.net
Thu Feb 10 11:53:48 MST 2005
I also call bullshit.. OpenBSD does NOT allow ssh root login by
default.. why do you think that they have such an excellent security
track record..
On Thu, 2005-02-10 at 09:44, Steven Critchfield wrote:
> On Thu, 2005-02-10 at 11:36 -0500, Noah Miller wrote:
> > > IMO, your best defence is leaving ssh's default setting
> > > which disallows root logins entirely. There's no reason
> > > for a remote user to ever have to log in as root. Root
> > > access should be obtained by a logged-in normal user
> > > using sudo, or su.
> >
> > I'm not sure what happens when you do a fresh compile and
> > install of OpenSSH, but every distro I've ever worked with
> > (Red Hat, Gentoo, Slackware, Vector, Tao, Yellow Dog,
> > Debian, Knoppix, SuSe, Linspire, FreeBSD, OpenBSD, Darwin,
> > OS X) has allowed root logins via SSH by default. Maybe
> > they're changing that on newer versions of some distros.
> > I dunno.
>
> I'll call bullshit on that. I know for a fact that Debian does NOT allow
> root logins except from console. Hell Debian isn't allowing root logins
> from X anymore due to the likely hood for you to try and use root for
> more than administration.
>
> I know Mandrake does annoying things if you try to login as root on
> anything but console to also discourage it's use.
>
> I don't expect much from Linspire as it attempts to be windows. As for
> the rest in your list other than OS X, I wouldn't bother trying to run
> them when you have Debian available.
--
Derek Whitten <derek at kfuq.net>
kFuQ Productions
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20050210/87d22550/attachment.pgp
More information about the asterisk-users
mailing list