On 23/07/18 10:15, John Holland wrote:
shot. It can't be any worse of a C.F. than the ayufan builds with its
pre-allocated user 1000.
Although having a preallocated user 1000 is the standard "Debian Way", the
objective being that you can telnet (later SSH) in using that user and then sudo su to
get root (fouled up on some versions that don't add user 1000 to sudoers). For quite a
long time
The same effect can be achieved by supplementing the user in question with the
group sudo. With that there is no need to edit sudoers.
..some versions which neither add user 1000 to sudoers, nor add user
1000 to the sudo group. And so on :-)
The bottom line is that there's longstanding doctrine that you don't
send a root password over Telnet, and slightly more recent doctrine that
the prevalence of keyloggers makes it highly undesirable to enter a root
password into an unsecured desktop system.
--
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk
[Opinions above are the author's, not those of his employers or colleagues]
