Tom- how did you do this, create remote user account for admin functions via tunnel. I have upgraded my Putty to the latest verison which includes tunneling. I had used the older version for so long I didn't realize it includes tunneling now.
Now I would like to reduce the use of the root account to a minimum. steve lewis Quoting Tom Carroll <[EMAIL PROTECTED]>: > Quoting Dan Brown <[EMAIL PROTECTED]>: > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > From: Graeme Robinson [mailto:[EMAIL PROTECTED]] > > > > > Not that we ever use the root account for remote administering do > > > we? > > > > To remotely log in as root? No; I connect as a user and then su. > > > > > One of the first things you will do in setting up a server is > > > create a user account for yourself, set the shell for your account > > > to /bin/bash and then give your account equivalent root sudo > > > privileges in /etc/sudoers. > > > > I'd agree with the first two steps, but the third seems like you'd > > be back to the equivalent of just logging in as root. A little > > better, I guess, as an attacker would need to know what accout to > try > > to crack, but once they're in, it's just a matter of 'sudo rm -rf > /". > > If you have to su, you also need the root password. Of course, > it's > > entirely possible I'm missing something. > > I like using su instead of messing with the sudeors method. I have > since > created a remote users account with the proper shell and I now log in > using > that user and then su to root if I need to do anything. The remote user > is > mainly used to access the e-smith-manager via a tunnel. > > Thanks for everyone's input! > > Tom Carroll > > -- > Please report bugs to [EMAIL PROTECTED] > Please mail [EMAIL PROTECTED] (only) to discuss security issues > Support for registered customers and partners to [EMAIL PROTECTED] > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archives by mail and > http://www.mail-archive.com/devinfo%40lists.e-smith.org > > -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
