Steve Holdoway wrote: > Even though you lose the accountability of the sudo log, it still does > add extra protection of not being to remotely log in as root, and > there's no password, no certificate to enable it if/when you get there. > > Yes, I know there are other ways of doing it. All have their pros and > cons... and I suppose sudo hasn't been tested by the hackers yet. After > all, DNS was secure as until that happened (: > > I consider remote access available only as joe.bloggs, followed by sudo > to be far safer than being able to ssh in as root. But then risk is a > very subjective thing.
Don't forget user toor! OK, this is really a BSD thing. :P --Aidan
signature.asc
Description: OpenPGP digital signature
