On Thu, Jul 10, 2008 at 3:11 PM, Alex Samad <[EMAIL PROTECTED]> wrote: > other have answered was to get around this. How about ssh straight to > root@ the box (turn sshd to allow root login by sign only and set a
I don't think this is such a good idea, because direct outside root logins should be disabled anyway. Think of it like this - if the user knows he can get root without having to know the password of an unprivileged user, it's that much easier for him to get in. Rather, disallow those logins and make outside users use sudo, and make even that practice suspect (of course there are reasons to let outsiders - in the sense they don't have physical access to the system in to do root things). Of course, passphrases are the thing to setup - especially on direct root logins as it makes the chance of J. Random Hacker (think of all the script kiddies from overseas banging into your box at night) getting through and doing potential harmful things. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
