mhaney at ercbroadband.org
Thu Jan 15 14:31:32 UTC 2009
Chris G wrote:
> It's one of the reasons I don't use sudo (no one has any sudo
> privileges) on my system. I also have ssh root access disabled.
> So, to get root access, an attacker using ssh has to first guess my
> (or another user) password and then guess the root password.
> (In addition ssh is only allowed from a few IP addresses but that's
> irrelevant to my comment above)
So basically, you have a typical secure linux setup, where to do any
thing with root, you have to log in as root?
For me, that's the most secure method of managing a system. Granted, it
isn't the most /convenient/ at times, but that's a sacrifice I'm willing
to make on the internet facing systems I have to manage.
Frustra laborant quotquot se calculationibus fatigant pro inventione
Sr. Systems Administrator
Call (866) ERC-7110 for after hours support
More information about the ubuntu-users