On Mon, 2003-06-16 at 04:06, shrek-m@xxxxxx wrote:
> does anybody really need > RootLogin by default
We do.
In a typical deployment, our boxes have no local-users except root. All others are authenticated against a central LDAP server, and their home-dir is provided by another file-server.
When something breaks, the only way into the box is as root, whether at
the local-console, or from off-site.
OK, valid point. In that case, then, I suggest you "RootLogin without-password" such that no one without the private key and the password can get in. I do allow this on several of my systems.
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx
