ssh default security risc

FreeBSD questions mailing list FreeBSD at
Thu Feb 3 16:54:03 PST 2005

>>> If they can hack the root they can defenatly hack a user account too.
>>> So i dont see any meaning of disabeling it.
>> If they can hack root they own the system and can do what they like.  
>> By
>> disabling root you remove the option of this happening.  Instead they
>> have to try and compromise a user account.  Once they compromise the
>> user account, they then have to gain root access (assuming that is 
>> their
>> goal).  Why bother with the hassle.  There are plenty of machines out
>> there already with weak root passwords.  If a hacker really wants into
>> your system he will find a way.
>> Chris
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password
You really need to look at it from a different point of view...
If you want to prevent people from breaking into your car you lock the 
Don't say "If they break the locks and get in, I can't use my key 
anymore. So keep the doors unlocked", do you?
My point of view...

More information about the freebsd-questions mailing list