What is your opinion on disabling the root password and logging in only via a normal user account and then using sudo? This makes it impossible for someone to guess or steal the root password because there isn't one. It also means you never have to change the root passwords when an employee leaves. Any real downsides? I can't see any.
Related, how do you feel about disabling shell passwords entirely and only allow ssh key authentication? The main downside to this is that you have to have your key on you all the time. If you have a usb keydrive that isn't such a problem but it can be a hassle if you are on an unfamiliar machine and have to insert your keydrive and maybe the USB isn't configured properly or some such thing. -- Tracy R Reed http://copilotconsulting.com 1-877-MY-COPILOT -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
