Remote root ssh
Scott Lockwood
scott at guppylog.com
Thu Jun 28 15:23:52 UTC 2007
On Thu, 2007-06-28 at 11:12 -0400, Brian McKee wrote:
> > Root also must be allowed to login remotely via ssh - which is a
> really, really bad idea.
> If it's by key only (not by password) it's not so bad...
Depending on your level or paranoia, yes. Personally, I think root being
able to log in remotely is always a bad idea, if for no other rason,
than because you then can't say who actually did what from the logs.
Forcing users to either sudo or (G-d forbid) su to root at least tells
you who did what, within a reasonable degree of certainty.
--
Regards,
Scott Lockwood
More information about the ubuntu-users
mailing list