Differences

This shows you the differences between the selected revisions of the page.

2016-06-03 2016-11-21
update link (martin) better sshd_config link (martin)
Line 5: Line 5:
Easiest way is to allow direct login with the user account you need, if it is not allowed already. For accounts such as ''root'', the direct login is typically disabled by default for security reasons. So when enabling it, have security in mind. Easiest way is to allow direct login with the user account you need, if it is not allowed already. For accounts such as ''root'', the direct login is typically disabled by default for security reasons. So when enabling it, have security in mind.
-Particularly with SSH, you may want to keep password authentication (the most vulnerable one) disabled and use e.g. [[public_key|public key authentication]] instead. With OpenSSH server, you can do that by setting ''[[http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5|sshd_config]]'' keyword ''PermitRootLogin'' to ''without-password'' ((Even more restrictive option ''forced-commands-only'' may work with SFTP protocol, but it has not been tested.)).+Particularly with SSH, you may want to keep password authentication (the most vulnerable one) disabled and use e.g. [[public_key|public key authentication]] instead. With OpenSSH server, you can do that by setting ''[[http://man.openbsd.org/sshd_config|sshd_config]]'' keyword ''PermitRootLogin'' to ''without-password'' ((Even more restrictive option ''forced-commands-only'' may work with SFTP protocol, but it has not been tested.)).
===== Use sudo on Login ===== ===== Use sudo on Login =====

Last modified: by martin