Security of using sudo rather than su?
listen at alexander.skwar.name
Sun Sep 17 13:48:32 BST 2006
· Dennis Kaarsemaker <dennis at kaarsemaker.net>:
> On do, 2006-09-14 at 13:46 +0200, Alexander Skwar wrote:
>> Dennis Kaarsemaker <dennis at kaarsemaker.net>:
>> > Because normally, root *can* login over ssh and 'root' is a very
>> > well-known username.
Actually, that's wrong. root normally *cannot* do this.
>> > So sudo actually doubles security by having to
>> > guess both a username and a password instead of just a password.
>> Hm. But you have to guess only one username and one password, while
>> without sudo, you have to guess one username and two passwords.
>> How is the security doubled when using sudo?
> Without sudo you have to guess 0 usernames and 1 password.
Pardon? Without sudo, you have to guess 1 username and 2 passwords.
To be exact, you've got to guess the username of the user, his password
and the root password. This makes 1 username and 2 passwords.
So, after having clarified this, how is the security doubled when using
Why he stays in the bottle.
More information about the ubuntu-users