On 2014-12-08 18:46, alister wrote: > on most systems that DO have a ssh server root logins are usually > prohibited, either enable root logins (dangerous) or log in with a > user that has permissions to do what you require. if you don't have > access to the server then you need assistance from someone who is > authorised.
Just for the record, you can enable root logins but disallow password logins, so root has to be done with a public/private key-pair. That said, I do as you describe and still SSH to my ssh-user account, then "su" to root as needed from there. But at least there's a middle ground that isn't as vulnerable as putting a root account out there to be banged on by any script-o-matic bot that finds it. I also like to change my external SSH port to something non-traditional (and have configured port-knocking in the past) to prevent the obvious pokes I would otherwise see in my sshd/auth/access logs. -tkc -- https://mail.python.org/mailman/listinfo/python-list
