ssh default security risc

Chris Hodgins chodgins at
Thu Feb 3 15:30:08 PST 2005

Gert Cuykens wrote:
> By default the root ssh is disabled. If a dedicated server x somewhere
> far far away doesn't have root ssh enabled the admin is pretty much
> screwed if they hack his user  account and change the user password
> right ?
> So is it not better to enable it by default ?
> _______________________________________________
> freebsd-questions at mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

Every unix box has a root account.  Not every unix box has a jblogs 
account.  Lets take the example of a brute-force attempt.  The first 
thing I would do would be to attack roots password.  I know the account 
exists.  Might as well go for the big prize first.

So having a root account enabled is definetly a bad thing.


More information about the freebsd-questions mailing list