Hi!
On Wed, Oct 11, 2006 at 07:01:44PM -0700, Peter Abrahamsen wrote:
> Which is a better idea, allowing key-only root access, or ssh'ing in
> as myself and running su/sudo/whatever? Either way, I'll set up
> iptables so that connection attempts from anywhere other than my
> office are -j DROP'ed.
I've seen a lot of recommendation to disable ssh root access on the web.
But I don't think something is wrong with enabling remote root _IF_
you allow key-ONLY access (and so make password bruteforcing impossible).
But, from other view, it's safer if you logged as usual user and use sudo
for executing commands as root (not su!). That's because this way you have
less chance to run 'as root' commands which doesn't actually require root
privileges.
But, if 90% of commands which you use while accessing remote
server require root privileges (which is usual case for remote
administration task), then I think remote ssh key-only root is ok.
--
WBR, Alex.
--
[email protected] mailing list
