On Fri, Dec 15, 2006 at 01:45:40AM -0500, Grok Mogger wrote: > I've often seen this touted as a good security measure and I've > always wondered why. I can think of a few possibilities, but I > really don't know. Could someone please explain it to me?
Because, to login from outside you will need to guess a valid username and the corresponding password. After that the root password will have to be guessed locally which would leave a fat trace in the logs. In addition, most of the bots around try to guess the root password and do not spend a lot of time for normal accounts. Now, if you always have strong password, this should not matter. But there is still the risk that your password looks like an obsfucated and misspelled version of a foreign word which you have no clue about but a lucky bot operator will try. You could also have you password leaked for a stupid reason. In which case requiring a su/sudo will put a name on the perpetrator... It is just my opinion on it but I hope it helps. jacques
signature.asc
Description: Digital signature
