* Toshiro <[EMAIL PROTECTED]> [021005 16:02]: > > > I agree. However I Dont run EVERYTHING as root nor am I a new user. Also > > > being an IT Manager I DO occasionally su to root and ssh into my > > > company's machines as root to do admin stuff so I really would not want > > > to blast away my ssh keys nor my root env. > > hmmm is it possible to ssh as a user and then su to root? would that not be > > more secure? > > > > What's the point in doing that way? When you use ssh, the communication > is encrypted. I don't see the advantage of ssh as a normal user first.
If you ssh to a root account on another machine directly, the logging on that machine does not directly say who was acting as root. By shelling in as a regular user, and then su'ing to root, the log will reflect who became root, and when; also when you exited from the root account. Also, if anyone is trying to break into that network, it gives an extra layer of security because they have to know the regular username and that password, as well as the root password. If the remote computer allows ssh into the root account, then a cracker only has to know one password to gain entry. I suspect there may be other technical security advantages but these alone would justify the extra step, IMHO. -- Jan Wilson, SysAdmin _/*]; [EMAIL PROTECTED] Corozal Junior College | |:' corozal.com corozal.bz Corozal Town, Belize | /' chetumal.com & linux.bz Reg. Linux user #151611 |_/ Network, PHP, Perl, HTML
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
