Security of using sudo rather than su?
Peter Garrett
peter.garrett at optusnet.com.au
Sun Sep 17 13:32:02 UTC 2006
On Sun, 17 Sep 2006 14:48:32 +0200
Alexander Skwar <listen at alexander.skwar.name> wrote:
> ยท Dennis Kaarsemaker <dennis at kaarsemaker.net>:
> > On do, 2006-09-14 at 13:46 +0200, Alexander Skwar wrote:
> >> Dennis Kaarsemaker <dennis at kaarsemaker.net>:
>
> >> > Because normally, root *can* login over ssh and 'root' is a very
> >> > well-known username.
>
> Actually, that's wrong. root normally *cannot* do this.
Well, from a default newly installed /etc/ssh/sshd_config :
# Authentication:
LoginGraceTime 120
PermitRootLogin yes ## << My emphasis
StrictModes yes
So, as Dennis said, on Ubuntu that is in fact the default, as you will
find if you set a root password and try to log in... ( not recommended,
at least not by most... ).
Of course, you might say Ubuntu is not normal, for some value of
"normal" ;-)
Peter
More information about the ubuntu-users
mailing list