ssh and remote sudo not hiding password

Colin Law clanlaw at
Fri Nov 13 16:09:12 UTC 2009

2009/11/13 Derek Broughton <derek at>:
> Hal Burgiss wrote:
>> On Thu, Nov 12, 2009 at 10:12:54AM -0500, Brian McKee wrote:
>>> Don't recommend doing so without at least acknowledging that's not the
>>> way this distro was planned to be used.
>> And who are you to tell me what I can recommend and what I can't? If this
>> is your list, pull the plug on me. If not, shove it. Sideways. I don't
>> much care how "the way the distro was planned to be used", I was not on
>> the planning committee and did not sign on the dotted line or take the
>> pledge.

@Hal Burgis: You may not care about the way the distro was planned to
be used but I would suggest that it is not a good idea to recommend a
practice that is controversial for Ubuntu without explaining the
inherent risks.

> Nevertheless, you're recommending insecure practices to somebody who clearly
> doesn't have much of an idea why it _would_ be insecure.  Not nice.

@Derek Broughton: Actually I (as the OP) do know perfectly well that
the suggestion would be insecure, and would not have entertained the
suggestion to set a root account and ssh in as root.  This would not
even answer the question I originally asked.  However I agree entirely
with your sentiments, many reading the list would not understand the
security issues.

This is good, I have never set off a flame war before.  Or do we need
a few more angry posters in order for it to be classed as a war rather
than a scuffle.  Perhaps I need to consult wikipedia for a definition.


More information about the ubuntu-users mailing list