SSH hacked?

musicman datakid at
Tue Jan 13 05:55:14 UTC 2009

On Tue, Jan 13, 2009 at 10:03 AM, Charlie Brune <Ubuntu at> wrote:
> 3.  I only allow a few hard-to-guess users to log in via ssh.  I do this
> by adding a line like this
>     to /etc/sshd_config
>     AllowUsers xg17, ffd42y, jfjfkk11
>     Once a user, such as "xg17" logs in, they use the "su" command to
> become the user they
>     really want to be.

Doesn't that then mean you have no idea which of the three accounts is
problematic or from which IP someone has broken in from should
something nefarious happen?

is it possible to/already happening that su commands are logged?

very interesting discussion btw


because "The Wire" makes "Law and Order" or "CSI" look like an episode
of "The Brady Bunch."

More information about the ubuntu-users mailing list