can't run gnome as root - addition - SOLVED
Phil Dobbin
bukowskiscat at gmail.com
Tue Oct 2 23:14:27 UTC 2012
compdoc wrote:
>>> why do i have to adapt the OS ? I think the OS should adapt
>> to the needs and wishes of the user as far as possible.
>
> Security needs change. 'root' is a well-known username so if its enabled and
> there's direct access from the web, it gives someone half the combination:
> they only have to guess at passwords rather than guessing at a username and
> password.
>
> All my servers are behind firewalls and there are no ports open to the world
> like ssh, which does give some protection. I used to enable the root account
> myself, but sudo is second nature now and no trouble at all.
The trick is to disable root login & only login as a user (I'm talking
about ssh here). Also, there are simple firewalls rules you can set that
if somebody tries to login with the incorrect password three times in a
specified time limit, ssh automatically drops the connection from that
IP address (you can also send the most repeat offending IP addresses to
a table to be stored for later reference so they only get one chance
before being dropped).
Oh, & a random, 16 character, alpha-numeric, upper/lower case password
helps too :-)
Cheers,
Phil...
--
currently (ab)using
CentOS 6.3, Debian Squeeze, Fedora Beefy, OS X Snow Leopard, Ubuntu Precise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 661 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20121003/8211694e/attachment.sig>
More information about the ubuntu-users
mailing list