Hello. I'm not 100% sure if this is a configuration error on my side or a 'bad idea' on sshd/FreeBSD sides. A remote root ssh connection to a FreeBSD 4.10 server (with no remote root access) will allow you to 'work out' the root password. However, if you try the same against 5.2.1 FreeBSD, you have little chance. The following are pretty clear examples. If this is a config mistake on my side, please let me know as I have clearly done something wrong. Correct root password - 4.10 tigger@piglet:~% ssh [email protected] Password: Connection to 4.10-FreeBSD closed by remote host. Connection to 4.10-FreeBSD closed. tigger@piglet:~% Incorrect root password - 4.10 tigger@piglet:~% ssh [email protected] Password: Password: Password: [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied (publickey,password,keyboard-interactive). tigger@piglet:~% Correct root password - 5.2.1 tigger@piglet:~% ssh [email protected] Password: Password: Password: [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied (publickey,password,keyboard-interactive). _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"