On Wed, 8 Dec 2004, Matthew S. Hallacy wrote: >> Anything that postpones a successful attack during the time between >> discovery of the exploit and application of the patch will be helpful. >> Is this way of thinking all wrong? I am happy to be corrected because >> I am not a computer expert. > > This is like keeping your valuables in your basement, in the off chance > that an airplane happens to crash into the second floor of your house. That's a rather extreme claim. You do know that, right? I see that there are two sides to this debate. Clearly, the authors of SSHd put PermitRootLogin in there for a reason. They are not idiots. For now, I'm keeping PermitRootLogin set to 'no.' There is no reason for me to change it. I am almost always logged onto my normal user account and I have no need to login as root. It is advisable to be logged in usually as a user and to become root when necessary. Typing a password is really not much of a chore - it's only 8 characters and I have it memorized! To use Matthew's example, I already live in my basement so I don't need to go there to access my valuables. Mike _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list