Security of using sudo rather than su?
Tchize
tchize at myrealbox.com
Thu Sep 14 09:41:15 UTC 2006
Dennis Kaarsemaker a écrit :
> On do, 2006-09-14 at 10:18 +0100, Adam Funk wrote:
>
>> I've read the official explanation of the locked root account [1] and
>> it still seems to me that this system can reduce security (in
>> comparison with the traditional approach) because an attacker
>> (especially a remote attacker) can gain root privileges by cracking
>> one password (the main user's) rather than two (since normally root
>> isn't allowed to log in over ssh).
>>
>> Why is this view wrong?
>>
> Because normally, root *can* login over ssh and 'root' is a very
> well-known username. So sudo actually doubles security by having to
> guess both a username and a password instead of just a password.
>
Default config on most distribution for sshd deactivate root login.
More information about the ubuntu-users
mailing list