On Tue, 2004-08-10 at 08:54, Alexander Dalloz wrote:
Am Di, den 10.08.2004 schrieb Dave Rinker um 6:30:
I agree with both comments but recommend that you disable the ability of
root to login at all. Users can always su to root.
That has the severe downside, that if someone got on the system as an
unprivileged user he could sniff while you are su'ing to root, which is
not successful if you ssh in as root using publick key authentication
rather than password authentication.
Alexander
Your saying that if you use ssh2 to connect to a server and the su to
root that they can sniff your root password?
I don't think that would work.
The main reason I always suggest people login with a normal user ID and
then su to root if needed is so there is an audit trail on the servers.
I can see who actually logged in and jumped to root instead of just
seeing that someone that knew root logged in.
And true, someone with root privileges could attempt to cover their
tracks by mucking with the log files.
--
Scot L. Harris <webid@xxxxxxxxxx>