[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] OpenSSH pkg default config (was: Am I missing something here)

Subject: Re: [cobalt-security] OpenSSH pkg default config (was: Am I missing something here)
From: "Edward Cruz" <edward.cruz@xxxxxxxxx>
Date: Thu, 14 Mar 2002 12:40:40 -0800
Organization: Eiron
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> I have had a lot of ssh protocol 1 scans
> You are running ONLY protocol 2 aren't you?
> And you are running 3.1p1
> --
> Gerald Waugh
> New Haven, Connecticut USA
>

Continuing in the same vein:  double check that the OpenSSH sshd_config has
PermitRootLogin set to no.  If set to yes, this allows anyone to attempt to
login directly as root.  Although I am not a security expert by any means, I
recall reading that this is not a good idea...  Instead, you can login as
admin and then su to get root access.

Follow-Ups:
- Re: [cobalt-security] OpenSSH pkg default config (was: Am I missing something here)
  - From: Nico Meijer

References:
- [cobalt-security] Am I missing something here
  - From: Steve Mansfield
- Re: [cobalt-security] Am I missing something here
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-security] Am I missing something here
Next by Date: Re: [cobalt-security] OpenSSH pkg default config (was: Am I missing something here)
Previous by thread: Re: [cobalt-security] Am I missing something here
Next by thread: Re: [cobalt-security] OpenSSH pkg default config (was: Am I missing something here)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index