Another reason not to use sudo?
brettcar at gmail.com
Mon Nov 22 13:33:08 UTC 2004
On Mon, 22 Nov 2004 13:23:28 +0000, Ben Edwards <funkytwig at gmail.com> wrote:
> We were trying to decide whether to enable root on the Ubuntu PCs we
> have been setting up at a community center and the person I was
> working with pointed out the following.
> If you ssh into a box the password of the initial account you log in
> is _not_ encrypted so you would normally log in as a lesser user and
> su when you are in (this I knew but many people do not).
This is false. Here is a quote from the ssh manpage:
If other authentication methods fail, ssh prompts the user for a pass-
word. The password is sent to the remote host for checking; however,
since all communications are encrypted, the password cannot be seen by
someone listening on the network.
More information about the ubuntu-users