Gordon Pritchard said: > On Mon, 2003-06-16 at 04:06, shrek-m@xxxxxx wrote: > >> does anybody really need >> RootLogin by default > > We do. > > In a typical deployment, our boxes have no local-users except root. > All others are authenticated against a central LDAP server, and their > home-dir is provided by another file-server. > > When something breaks, the only way into the box is as root, > whether at > the local-console, or from off-site. > > My $0.02, > -Gord Totally agree ... but more to the point ... why disable it? The reason to disable root login in telnet is obvious. If you don't trust ssh then don't install it :-) If your root password is easy to guess then disabling root login in ssh will not help that much - I'm sure someone will guess your other passwords then su to root anyway. A friend has an old debian box as his router/firewall and every time I login to it I have to login twice ... using ssh ... coz in his version (not sure about current) RootLogin is disabled. Maybe I should ask him to change it - never thought of that - D'oh. -- -Cheers -Andrew MS ... if only he hadn't been hang gliding!
