su: blacklist users

[A. Khattri]

On Thu, 25 May 2006, David Bandel wrote:

> Too bad that's not always practical.  I don't have any clients that
> prohibit ssh as root, but I have heard of many that do.  In that case,
> a remote administrator has no choice.

A lot of distros by default disable remote ssh logins as root - I thought
this was common?

> Those
> worried about the ssh exploits (mostly dictionary attacks) can use
> iptables to restrict the IP from whence these folks can connect

And/or use denyhosts (or some similar utility).

What's with those Rumanians anyway? ;-)



-- 
A