| 1 |
On Samstag 17 Januar 2009, Grant wrote: |
| 2 |
> >> >> an ssh config setting, in shorewall, or somewhere else? |
| 3 |
> >> > |
| 4 |
> >> > You can: |
| 5 |
> >> > |
| 6 |
> >> > 1) use pam as described by Mike |
| 7 |
> >> > |
| 8 |
> >> > or |
| 9 |
> >> > |
| 10 |
> >> > 2) use sshd_config "AllowUsers" |
| 11 |
> >> |
| 12 |
> >> Thanks a lot, I went with 'AllowUsers root' in sshd_config since sshd |
| 13 |
> >> is the only service running on the system. |
| 14 |
> > |
| 15 |
> > I really would not do that. Instead create a user to log in and su to |
| 16 |
> > root. Root should not be allowed to log in - way to risky. |
| 17 |
> |
| 18 |
> Is the idea to put 2 passwords in the way of gaining root access? |
| 19 |
|
| 20 |
one key+username and one password. |
| 21 |
|
| 22 |
> The |
| 23 |
> problem is twice as many passwords to memorize. Even if the 2 |
| 24 |
> passwords are the same, I suppose they would have to come up with the |
| 25 |
> username too which is a (thin) extra layer. |
| 26 |
|
| 27 |
just use pubkey for ssh. It is much saver anyway. |
Archives