I used putty to connect to my server as root. I created a new user (we'll call it remote) by using the adduser command line. I used passwd to assign it a password (at least 8 characters mixed with letters and numbers). I also changed the shell for that user by using chsh.
I then logged out and configured a new profile for putty and set the tunnel information and then saved the info. Now I can log in as the remote user and tunnel to my e-smith-manager. If I need administrative privledges I just su to root. If you want a sudo you will have to look back through this thread as see what others said about setting up your sudeor's file. Is this what you were looking for? Tom Carroll Quoting "Steven D. Lewis" <[EMAIL PROTECTED]>: > Tom- how did you do this, create remote user account for admin functions via > > tunnel. I have upgraded my Putty to the latest verison which includes > tunneling. I had used the older version for so long I didn't realize it > includes tunneling now. > > Now I would like to reduce the use of the root account to a minimum. > > steve lewis > > Quoting Tom Carroll <[EMAIL PROTECTED]>: > > > Quoting Dan Brown <[EMAIL PROTECTED]>: > > > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > > From: Graeme Robinson [mailto:[EMAIL PROTECTED]] > > > > > > > Not that we ever use the root account for remote administering do > > > > we? > > > > > > To remotely log in as root? No; I connect as a user and then su. > > > > > > > One of the first things you will do in setting up a server is > > > > create a user account for yourself, set the shell for your account > > > > to /bin/bash and then give your account equivalent root sudo > > > > privileges in /etc/sudoers. > > > > > > I'd agree with the first two steps, but the third seems like you'd > > > be back to the equivalent of just logging in as root. A little > > > better, I guess, as an attacker would need to know what accout to > > try > > > to crack, but once they're in, it's just a matter of 'sudo rm -rf > > /". > > > If you have to su, you also need the root password. Of course, > > it's > > > entirely possible I'm missing something. > > > > I like using su instead of messing with the sudeors method. I have > > since > > created a remote users account with the proper shell and I now log in > > using > > that user and then su to root if I need to do anything. The remote user > > is > > mainly used to access the e-smith-manager via a tunnel. > > > > Thanks for everyone's input! > > > > Tom Carroll > > > > -- > > Please report bugs to [EMAIL PROTECTED] > > Please mail [EMAIL PROTECTED] (only) to discuss security issues > > Support for registered customers and partners to [EMAIL PROTECTED] > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > Archives by mail and > > http://www.mail-archive.com/devinfo%40lists.e-smith.org > > > > > > -- > Please report bugs to [EMAIL PROTECTED] > Please mail [EMAIL PROTECTED] (only) to discuss security issues > Support for registered customers and partners to [EMAIL PROTECTED] > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archives by mail and > http://www.mail-archive.com/devinfo%40lists.e-smith.org > > -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
