how to allow user toor login through ssh
Tim Daneliuk
tundra at tundraware.com
Wed Jan 4 04:08:22 UTC 2017
On 01/03/2017 10:04 PM, Ernie Luzar wrote:
> Polytropon wrote:
>> On Wed, 04 Jan 2017 09:18:32 +0800, Ernie Luzar wrote:
>>> Maciej Suszko wrote:
>>>> On Tue, 3 Jan 2017 19:15:54 +0800
>>>> Ben Woods <woodsb02 at gmail.com> wrote:
>>>>
>>>>> The openssh daemon prevents login as root or toor (any user with UID
>>>>> 0) in the default configuration that ships with FreeBSD.
>>>>>
>>>>> This can be adjusted by setting the following in /etc/ssh/sshd_config:
>>>>> PermitRootLogin yes
>>>>>
>>>>> Note however, that it is not generally advisable to allow root or toor
>>>>> login via ssh, as this is a frequently attempted username for script
>>>>> kiddies and bots running random brute force attacks. Tread wisely.
>>>>>
>>>>> Regards,
>>>>> Ben
>>>> However it's quite simple to restrict root login using Match block, for
>>>> example ;-) ... just leave 'no' globally.
>>>>
>>>> Match Address 10.0.0.0/27
>>>> PermitRootLogin yes
>>>
>>>
>>> I like this solution. On my host I have changed ssh to us a high value port number back when I was on BSD REL 3.0 and have never had any failed login attacks of any kind.
>>
>> Moving SSH to a nonstandard port doesn't increase security per se,
<SNIP>
All good info ... shameless self-promotion follows ;)
I use the following to essentially remove most noise from my ssh world. I
came up with this some years ago while travelling extensively:
https://www.tundraware.com/Software/tperimeter/
----------------------------------------------------------------------------
Tim Daneliuk tundra at tundraware.com
PGP Key: http://www.tundraware.com/PGP/
More information about the freebsd-questions
mailing list