can't run gnome as root - addition - SOLVED

Phil Dobbin bukowskiscat at gmail.com
Wed Oct 3 16:55:36 UTC 2012 

Patrick Asselman wrote:

> On 2012-10-03 12:24, Phil Dobbin wrote:
>> Tom H wrote:
>>
>>> On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink at seti.nl>
>>> wrote:
>>>> As far as I'm aware, ssh does (by default) not allow root to login
>>>> anyway,
>>>
>>> "PermitRootLogin yes" is set by default on Debian and Ubuntu.
>>>
>>
>> And on CentOS & Fedora...
>>
>> Cheers,
>>
>>   Phil...
> 
> I have to say, this amazes me.
> 
> In my opinion this should be changed, to protect the innocent unknowing
> Linux users. The expert users who know what they get themselves into,
> can figure out how to re-enable. Default should be to not permit it. Can
> anyone tell me why it is enabled by default?
> 
> Just my opinion....

Well, if you think about it, when you get a new deployment whether
local, remote, physical or virtual, all you get is the root password &
all that's running on the machine is a ssh server generally so you need
to be able to login as root.

There are no 'users', these you have to create. Saying that, if you you
install a desktop environment, you do get the chance to create a user
other than root but it would confuse users to start getting too abstract
about security in the installer. And, besides, Ubuntu defaults to sudo
anyway.

It's possibly a.) a leftover from when Linux was more command line based
than today & b.) generally desktop distros users (Ubuntu, Mint, etc)
are, as a rule behind a NAT (what with the advent of broadband & what
have you) & don't really port forward port 22 or another port to enable
their boxes so it's left as it was originally intended.

To be frank, most desktop distro users run very little risk of being
taken over as a proxy server/open relay if they haven't opened up port
forwarding for ssh. And if they have, they should really know the
consequences of their actions. Ubuntu, in particular, is voluminous in
its documentation on all subjects & its coverage of ssh, I should
imagine, is no different.

Cheers,

  Phil...

-- 
currently (ab)using
CentOS 6.3, Debian Squeeze, Fedora Beefy, OS X Snow Leopard, Ubuntu Precise


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 661 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20121003/6c00d174/attachment.sig>

More information about the ubuntu-users mailing list