Security of using sudo rather than su?

Alexander Skwar listen at alexander.skwar.name
Sun Sep 17 12:48:32 UTC 2006


· Dennis Kaarsemaker <dennis at kaarsemaker.net>:
> On do, 2006-09-14 at 13:46 +0200, Alexander Skwar wrote:
>> Dennis Kaarsemaker <dennis at kaarsemaker.net>:

>> > Because normally, root *can* login over ssh and 'root' is a very
>> > well-known username.

Actually, that's wrong. root normally *cannot* do this.

>> > So sudo actually doubles security by having to 
>> > guess both a username and a password instead of just a password.
>> 
>> Hm. But you have to guess only one username and one password, while
>> without sudo, you have to guess one username and two passwords.
>> 
>> How is the security doubled when using sudo?
> 
> Without sudo you have to guess 0 usernames and 1 password.

Pardon? Without sudo, you have to guess 1 username and 2 passwords.

To be exact, you've got to guess the username of the user, his password
and the root password. This makes 1 username and 2 passwords.

So, after having clarified this, how is the security doubled when using
sudo?

Alexander Skwar
-- 
genlock, n.:
        Why he stays in the bottle.






More information about the ubuntu-users mailing list