Another reason not to use sudo?
John
dingo at coco2.arach.net.au
Tue Nov 23 01:37:02 UTC 2004
Ben Edwards wrote:
> We were trying to decide whether to enable root on the Ubuntu PCs we
> have been setting up at a community center and the person I was
> working with pointed out the following.
>
> If you ssh into a box the password of the initial account you log in
> is _not_ encrypted so you would normally log in as a lesser user and
> su when you are in (this I knew but many people do not).
You don't have to login with passwords. I mostly don't.
>
> However if your box uses sudo you would tend to log into your sudo
> account, your password could be sniffed and someone could get root
> access on your box!
1. See above
2. Control physical access to your LAN. Sudo isn't everything.
>
> The only way round this would be for everybody with sudo access to
> have another lesser account that they used to remotely log into the
> box - or I guess everybody could log in using a guest style account.
Everyone should use their own account. That way your logs record who dunnit.
>
> I should also mention that the good thing about sudo which is not on
> the RootSudo page is that you can selectively give people access to
> various aspects of root's privileges - i.e. you could allow someone
> just to install packages but not delete other people's files (never got
> into this myself but gather it is the case).
Well, anyone who can
a. Create user accounts
or
b. Install software into system locations
owns your box anyway. If I can create user accounts, I can create one
with uid=0 and then I'm root.
Ditto if I can edit /etc/passwd
If I can install software as above, I can install software to give me a
root shell.
sudo is far from perfect, but IMV it beats having everyone know the root
password.
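
An added example, not part of the original post: a host audit for the two conditions named above, a second uid=0 account in /etc/passwd and sudo grants for account-creation or package-installation commands. The command list, function names and sample data are assumptions constructed for illustration, and the sudoers parsing is simplified (no aliases, includes or line continuations).

```python
import os
import re

# Commands that create accounts or install software system-wide, the two
# capabilities the post calls root-equivalent. Assumed list, not exhaustive.
ROOT_EQUIVALENT = {"useradd", "adduser", "usermod", "vipw",
                   "dpkg", "apt", "apt-get", "aptitude"}

# Constructed sample data, not taken from any real host.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
ben:x:1000:1000:Ben:/home/ben:/bin/bash
toor:x:0:0::/root:/bin/sh
"""
SAMPLE_SUDOERS = """\
# constructed example rules
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
ben     ALL=(root) NOPASSWD: /usr/bin/apt-get, /usr/sbin/useradd
carol   ALL=(root) /usr/bin/lpq
"""
# user, host, "=", optional (runas) spec, then the command list
RULE = re.compile(r"^(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.*)$")

def extra_uid0_accounts(passwd_text):
    """Return names of accounts other than root whose uid field is 0."""
    found = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7 and fields[2] == "0" and fields[0] != "root":
            found.append(fields[0])
    return found

def root_equivalent_grants(sudoers_text):
    """Return (who, command) pairs whose sudo grant amounts to full root."""
    grants = []
    for raw in sudoers_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        m = None if line.startswith("Defaults") else RULE.match(line)
        if not m:
            continue
        for cmd in m.group(2).split(","):
            cmd = re.sub(r"^\s*(?:[A-Z]+:\s*)+", "", cmd).strip()  # NOPASSWD: etc.
            path = cmd.split()[0] if cmd else ""
            if path == "ALL" or os.path.basename(path) in ROOT_EQUIVALENT:
                grants.append((m.group(1), path))
    return grants
```

On a real host, pass the contents of /etc/passwd and the output of `sudo -l -U <user>` or the sudoers files themselves; anything the second function returns should be reviewed as if it were a grant of the root password.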