On Sun, May 27, 2001 at 12:41:33PM +0200, Timo Blazko Boewing wrote:
> Hello!
>
> A silly theoretical question: in a ssh thread above, one got the answer *not*
> to enable root user access to a station, it would be better to use a limited
> user account and then gain access via su or that.
> What is the difference between that. Don't I have full admin rights with su?
> Or if I have, what is the difference? Is it cos a direct root login allows to
> exploit the sys due to some scripts that get autom. exec'd?
> I just want to know....cos thus I know why I do things that way :-)

if someone steals your root password, they have full control over your box.
with having remote root logins disabled they have to break in a user account
_and_ in the root account.

if you're really security minded you should use ssh keys instead of passwords,
since passwords can be stolen more easily. the advantage of ssh keys is that
you need a key _and_ a passphrase to break in....

for more info, look at the freebsd security manpage (applies to linux too):
http://www.freebsd.org/cgi/man.cgi?query=security&apropos=0&sektion=0&manpath=FreeBSD+5.0-current&format=html

for simple, local servers this might be a bit overkill, so you prolly can get
away with only choosing good passwords for root and others

-- 
,-------------------------------------------.
> Name:           Alson van der Meulen      <
> Personal:       [EMAIL PROTECTED]         <
> School:         [EMAIL PROTECTED]         <
`-------------------------------------------'
Say, What does "Superblock Error" mean, anyhow?
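
The two measures in the reply above (no direct remote root login, keys instead of passwords) correspond to the OpenSSH sshd_config keywords PermitRootLogin and PasswordAuthentication. As an added example that is not part of the original message, this Python script reports what the global section of a config sets for them; the sample config is constructed, the defaults assumed are those of current OpenSSH releases, and Include files are not followed.

```python
import re

# Values sshd uses when a keyword is absent (assumption: current OpenSSH
# releases; old or vendor-patched builds differ, `sshd -T` shows the truth).
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes"}

def effective_settings(config_text):
    """Global values for the keywords in DEFAULTS.

    Keywords are case-insensitive, the first value seen for a keyword
    wins, and a Match line ends the global section.
    """
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # "Key value" or "Key=value"
        keyword = parts[0].lower()
        if keyword == "match":
            break  # conditional overrides follow, not global settings
        tokens = parts[1].split() if len(parts) == 2 else []
        if keyword in DEFAULTS and keyword not in settings and tokens:
            settings[keyword] = tokens[0].strip('"').lower()
    return {**DEFAULTS, **settings}

def audit(config_text):
    """List deviations from the advice in the message above."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"] != "no":
        findings.append("direct root login allowed (PermitRootLogin %s)"
                        % s["permitrootlogin"])
    if s["passwordauthentication"] != "no":
        findings.append("password logins accepted (PasswordAuthentication %s)"
                        % s["passwordauthentication"])
    return findings

# Constructed sample, not taken from a real host.
SAMPLE = """\
# the second PermitRootLogin is ignored: first value wins
permitrootlogin no
PermitRootLogin yes
PasswordAuthentication=yes
Match User backup
    PasswordAuthentication no
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("WARN:", finding)
```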