Another reason *to* use sudo?

[Paul Sladen]

On Mon, 22 Nov 2004, Ben Edwards wrote:

Hello Ben,

> We were trying to decide whether to enable root on the Ubuntu PCs we
> have been setting up at a community center

I strongly recommend you do not.

> If you ssh into a box the password of the initial account you log in is
> _not_ encrypted

This is untrue.  SSH stands for 'Secure SHell'.  OpenSSH is developed by the
OpenBSD team and ensures end-to-end crypto of everything---passwords most
importantly.

The first time you SSH login to a new machine you'll be asked to confirm the
'fingerprint' of the machine at the other end.  This is to make sure you are
talking to the machine you expect and not to somebody pretending to be that
server.

> your password could be snifed

Only if you're using unencrypted Telnet, FTP or POP3.  You must be nuts if
you do that.

> I should also mention that the good thing about sudo which is not on
> the RootSudo page is that you can selectively give people access to
> various aspects of roots privileges

Given that you yourself are talking about the merits of using 'sudo', why
are you questioning your own decision and considering changing the
out-of-the-box configuration to something you are less sure about?

	-Paul
-- 
Is there no safe way to travel?  Nottingham, GB