begin quoting Tracy R Reed as of Fri, Mar 10, 2006 at 02:52:41PM -0800:

> What is your opinion on disabling the root password and logging in only
> via a normal user account and then using sudo? This makes it impossible
> for someone to guess or steal the root password because there isn't one.
> It also means you never have to change the root passwords when an
> employee leaves. Any real downsides? I can't see any.

Surely this prevents you from booting the machine into single-user mode. Unless, I suppose, you disable password checking on single-user boot, or you boot from alternate media (Knoppix, etc.) and set a root password for as long as you need one.

> Related, how do you feel about disabling shell passwords entirely and
> only allowing ssh key authentication?

For remote login only, you mean? Hm... how would you set up the PAM chain for that?

> The main downside to this is that you
> have to have your key on you all the time. If you have a usb keydrive
> that isn't such a problem but it can be a hassle if you are on an
> unfamiliar machine and have to insert your keydrive and maybe the USB
> isn't configured properly or some such thing.

If you're on an unfamiliar machine, aren't you toast anyway, unless you're using one-time passwords?

I don't use one key everywhere; I use a distinct key for every machine, mostly because I'm pretty lax about carrying around a USB stick. The big hassle seems to be in setting up a new account...

What we want is probably a one-time password for logins from an untrusted machine (into a virtualized environment?), and if it's a trusted-but-unconfigured machine, the appropriate key can be dropped into place so that we don't have to keep looking at the OTP list. Just don't lose the OTP list.

-- 
 _
|\_
 \|

-- 
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
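The two ideas in the exchange above (lock the root password and rely on sudo; allow ssh key authentication only) both end up as settings an administrator can audit. With OpenSSH the "key only" part is normally done in sshd_config rather than in the PAM chain, and `passwd -l root` locks the root password by prefixing its hash in /etc/shadow. The following script is an added example, not code from the thread or from either poster: it audits a constructed sshd_config and shadow file for exactly those two properties. The default values it assumes for absent keywords (PasswordAuthentication yes, ChallengeResponseAuthentication yes, PermitRootLogin yes) are OpenSSH's historical defaults and should be checked against your version's sshd_config(5); the sample files and the `backup` user in the Match block are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the kplug-list thread): audit "no usable root
# password" and "ssh keys only" on constructed sample files. The real
# inputs would be /etc/ssh/sshd_config and /etc/shadow.

# Effective global value of an sshd_config keyword. sshd takes the FIRST
# occurrence, keywords are case-insensitive, '#' starts a comment, and
# anything after a Match line is conditional, so we stop there.
# Prints the value found, or the caller-supplied default when absent.
sshd_value() {
    file=$1; key=$2; default=$3
    val=$(awk -v k="$key" '
        { sub(/#.*/, "") }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(k)   { print $2; exit }
    ' "$file")
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf '%s\n' "$default"; fi
}

# Returns 0 when the global config forces key-only logins and no direct
# root login; otherwise prints each offending setting and returns 1.
# Entries are keyword:wanted:assumed-default (defaults are assumptions,
# see sshd_config(5) for your version).
audit_sshd_config() {
    file=$1; rc=0
    for check in \
        "PasswordAuthentication:no:yes" \
        "ChallengeResponseAuthentication:no:yes" \
        "PubkeyAuthentication:yes:yes" \
        "PermitRootLogin:no:yes"
    do
        key=${check%%:*}; rest=${check#*:}; want=${rest%%:*}; def=${rest#*:}
        have=$(sshd_value "$file" "$key" "$def" | tr '[:upper:]' '[:lower:]')
        if [ "$have" != "$want" ]; then
            echo "$key is '$have', want '$want'"
            rc=1
        fi
    done
    return $rc
}

# Returns 0 when root's password field in a shadow-format file is locked
# ('!' prefix as left by `passwd -l root`, or '*'), 1 otherwise. An EMPTY
# field is the dangerous case: it means login with no password at all,
# which is the opposite of what "disable the root password" intends.
root_password_locked() {
    field=$(awk -F: '$1 == "root" { print $2; exit }' "$1")
    case $field in
        '!'*|'*'*) return 0 ;;
        *)         return 1 ;;
    esac
}

# ---- constructed sample inputs -------------------------------------------
tmp=$(mktemp -d)

# "Before": password logins and root-over-ssh still allowed. The commented
# line does nothing, so the assumed default (yes) applies.
cat > "$tmp/sshd_config.weak" <<'EOF'
Port 22
PermitRootLogin yes
#PasswordAuthentication no
EOF

# "After": keys only, no root over ssh. The Match block is a per-user
# override; this audit stops before it, so Match blocks need separate review.
cat > "$tmp/sshd_config.hardened" <<'EOF'
Port 22
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin no
Match User backup
    PasswordAuthentication yes
EOF

# Shadow lines with a fake hash: locked, unlocked, and "no password at all".
printf 'root:!$6$fakehash:16000:0:99999:7:::\n' > "$tmp/shadow.locked"
printf 'root:$6$fakehash:16000:0:99999:7:::\n'  > "$tmp/shadow.unlocked"
printf 'root::16000:0:99999:7:::\n'             > "$tmp/shadow.empty"

# ---- run the audit on the samples ----------------------------------------
for cfg in weak hardened; do
    if audit_sshd_config "$tmp/sshd_config.$cfg"; then
        echo "sshd_config.$cfg: key-only, no root login: OK"
    else
        echo "sshd_config.$cfg: FAIL"
    fi
done
for sh_file in locked unlocked empty; do
    if root_password_locked "$tmp/shadow.$sh_file"; then
        echo "shadow.$sh_file: root password locked"
    else
        echo "shadow.$sh_file: root password NOT locked"
    fi
done
```

The audit deliberately reads only the global section of sshd_config, because a later Match block can re-enable password authentication for particular users or addresses; those blocks are short enough to review by eye, and the `backup` user in the sample shows the kind of exception that would otherwise be missed. The single-user-boot concern raised in the reply is outside what this script can check, since that depends on the init system rather than on these two files.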
