ssh default security risc
FreeBSD questions mailing list
FreeBSD at amadeus.demon.nl
Thu Feb 3 16:54:03 PST 2005
>>> If they can hack the root they can defenatly hack a user account too.
>>> So i dont see any meaning of disabeling it.
>> If they can hack root they own the system and can do what they like.
>> disabling root you remove the option of this happening. Instead they
>> have to try and compromise a user account. Once they compromise the
>> user account, they then have to gain root access (assuming that is
>> goal). Why bother with the hassle. There are plenty of machines out
>> there already with weak root passwords. If a hacker really wants into
>> your system he will find a way.
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password
You really need to look at it from a different point of view...
If you want to prevent people from breaking into your car you lock the
Don't say "If they break the locks and get in, I can't use my key
anymore. So keep the doors unlocked", do you?
My point of view...
More information about the freebsd-questions