On Sun, 29 Jul 2012, Brian wrote: > On Sun 29 Jul 2012 at 13:12:31 -0400, Tom H wrote: > > On Sun, Jul 22, 2012 at 11:31 AM, Brian <a...@cityscape.co.uk> wrote: > > > No default configuration file will ever suit everyone or fit their > > > needs, but the Debian sshd_config doesn't seem to me to be have any > > > insecure aspects to it. > > > > Some might say that "PermitRootLogin yes" default is insecure... > > Some might and indeed they do say it, often vociferously. But I've yet > to see a sound reason advanced for the opinion.
Well, it is the one account that will accept remote logins (in Debian) that exists everywhere. It is indeed an insecure default, mostly because by default we also allow password-based logins. Check your logs, and verify the frequency of brute-force attempts per username. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120729180004.gb22...@khazad-dum.debian.net
