sshd
Dick Davies
rasputnik at gmail.com
Wed Jun 21 15:37:24 UTC 2006
On 21/06/06, Dick Davies <rasputnik at gmail.com> wrote:
> On 21/06/06, ubuntu at rio.vg <ubuntu at rio.vg> wrote:
> > Gunnar Salbeck wrote:
> > >
> > > After installing Ubuntu sshd is not installed yet.
> > > If someone install the package "openssh-server" he should know how to
> > > configure it.
> > >
> >
> > I don't think this assumption is accurate.
>
> If it isn't, we should be installing a firewall by default.
> Sadly, I think you're right. With the current setup:
Hold on. I've just realised why it's the way it is.
Traditionally, PermitRootLogin is disabled, because someone could
then bruteforce a password over ssh and get root access.
with ubuntu, it doesn't matter whether PermitRootLogin is enabled
or not. People can *still* bruteforce a password over ssh and get root access,
as your normal user password is enough for sudo to let them destroy your
box.
--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
More information about the ubuntu-users
mailing list