On 17 Jan 2001, at 14:36, Paul Nesbit wrote:
> Hi Dean,
>
> Dean Staff wrote:
> >
> > Hi All,
<snip>
> > I had the same problem (not really a problem, more of an issue) as
> > everyone else with trying to telnet in as root. But, seeing as how I
> > write the Security Watch column for "Maximum Linux", I tend to agree
> > with Gordon and the other e-smith developers, that forcing
> > administrators to use SSH to remote login as root is a good thing.
> > That said, why don't you do the same with "admin" after all root and
> > admin use the same password.
>
> They use the same password, but a different shell. Root access to a
> shell can be dangerous, while access to the e-smith console is
> relatively harmless.
Yes but if the admin password is intercepted then all someone has to
do is try an SSH connection using root and the password they stole.
(Do I sound paranoid?)
Dean
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dean Staff
Protus IP Solutions
210 - 2435 Holly Lane
Ottawa, ON K1V 7P2 Canada
613-733-0000 ex 546 Fax 613-248-4553
e-mail: [EMAIL PROTECTED] Web: http://www.protus.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
