Security of using sudo rather than su?
Alan McKinnon
alan at linuxholdings.co.za
Thu Sep 14 12:44:09 UTC 2006
On Thursday 14 September 2006 13:58, Adam Funk wrote:
> On 2006-09-14, Dennis Kaarsemaker <dennis at kaarsemaker.net>
wrote:
> >> Default config on most distribution for sshd deactivate
> >> root login.
> >
> > We're talking about Ubuntu here.
>
> I just checked my /etc/ssh/sshd_config:
>
> #PermitRootLogin yes
> PermitRootLogin no
>
> which raises the question, why in the world does the default
> config that allow root logins? (I know you're not supposed
> to use the root account, but doesn't that just mean that the
> password is random?)
No.
It means that the account is not enabled and does not work. It
isn't random, it simply doesn't exist. Inspect the root entry
in /etc/shadow, it looks like this:
root:!:13334:0:99999:7:::
A random password would look something like this:
root:$1$7wk8.uO1$x5WR7uXuf3NRHhm.rGPNi/:13374:0:::::
alan
More information about the ubuntu-users
mailing list