> It is a configuration option in SSH I think > (/etc/sshd.conf or something). found it, /etc/ssh/sshd_config <snip> PermitRootLogin yes </snip> > If you're doing this on Slackware, I do believe that > they prevent remote logins as well. At least on my > systems here at home prevent any remote > logins as root. slackware does prevent root logins, and as slackware is my server i didnt enable it... > P.S. If nobody can answer my question, I'd like to > borrow a working set of > RedHat 7.0 CDs from someone. I would be happy to > return them to you at the > next meeting. yeah i just burned a the whole set (CDs 1-4) though you probably do not need more than 1, and if you have a high speed internet i would suggest Debian (yep i am a new convert thanks to apt-get) > Look into useing LDAP instead of NIS/NIS+. LDAP is > definitly cooler than > NIS, don't know much about NIS+ though. LDAP? i probably heard of it, but never used it, any good HOWTOs? > Moreover, in cases where there is more than one > admin, it's absolutely > silly (IMO) not to use sudo. nope, only me doing the grunt work... > Well, I'm not sure how hard you looked or where you > looked, but this is > absolutely not true. NIS can use shadow passwds and > MD5 without problem. > There are sum advantages to NIS+ (the default on > Slackware, IIRC), but the > administrative complexity far outways them, IMHO. in the howto it said that <paraphrase>NIS does not support shadows and MD5s, NIS+ fixes that but NIS+ is harder to use so stick with the old NIS</paraphrase> > In most cases, you'll be fine using NIS. Many > people don't like it because > it's _possible_ for someone to ypxfer your maps from > your server, the question is, on my home network: why would somebody want to do that? > considering many users pick terrible, brute-forcable > passwds. (l)users gotta love them, but then again im not too worried about security at this point... > SCPing maps around isn't a bad solution though, and > it gives you at least > some authentication (as does NIS+ w/kerberos). but SCP to /etc requires root login, for now i have decided to put the shadow, passwd and hosts (i have no DNS server yet - coming soon) on a floppy to copy them around as there is only 5 machines... not the best solution but it works out better then SCPing files over... ok that was a long one, thanks guy for all your help/ pointers... hopefully oneday i will get this perfected so i can make a proposal at work to move away from the MS stuff they are using now... -munir ===== -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GAT GIT dpu- s:- a19 C++ UL P+ L+(++) E--- W+ N+ w(--) K? O-- M- V- PS+ PE-(--) Y-- PGP-(---) t 5+++ X R tv-- b+++ D++ DI++ G e+ h+() r- y+ UF++ ------END GEEK CODE BLOCK------ __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/