Am Montag 09 Februar 2009 14:15:35 schrieb Nikos Chantziaras:
> Heiko Wundram wrote:
> > Am Montag 09 Februar 2009 13:37:31 schrieb Nikos Chantziaras:
> >> Stroller wrote:
> >>> I install sudo, give my user wide sudo rights and then set
> >>> "PermitRootLogin no" in /etc/ssh/sshd_config.
> >>> (Critique of this measure welcomed).
> >>
> >> Since Hung already answered about the other problem, I'll just comment
> >> on this.
> >>
> >> It's a bad idea if the machine is open to the Internet, especially since
> >> it's easy to simply "su -" or "sudo" as a normal user.
> ...
> Er, didn't I actually say the same?  If other people have network access
> to the machine, disable root.  You misunderstood something.

Err, no, you didn't say the same, at least not considering your quote (I 
didn't read the OP):

Reading the above, you said that "PermitRootLogin no" is a bad idea (i.e., 
disabling root login via SSH is a bad idea), whereas I said the exact opposite 
(and you meant the exact opposite).

But, as you meant the same as me, forget what I said or just take my rant as a 
clarification of your point. ;-)

-- 
Heiko Wundram
Gehrkens.IT GmbH

FON 0511-59027953 | http://www.gehrkens.it
FAX 0511-59027957 | http://www.xencon.net

Gehrkens.IT GmbH
Strasse der Nationen 5
30539 Hannover

Registergericht: Amtsgericht Hannover, HRB 200551
Geschäftsführer: Harald Gehrkens, Daniel Netzer