On 01/18/2008 10:48 AM, Jim Flanagan wrote:
To follow up on this, what would be involved for an automated process to
log in as root in this manner?
I would guess using sudo.
I understand doing this manually, like
any shell on the machine, but does there exist any automated login
scripts that try to get user, then root, or is this considered too many
steps to be practical from a crackers standpoint?
Not sure, but you could allow a user restricted root commands using
sudo, instead of suing to root to run a command.
Also, if you set the SSH login to accept only a key (with or without
passphrase), is it considered "secure" to allow direct root logins (or
rather authentications) using a key only?
I would think so, and is probably the best way to run a root required
command remotely via ssh, since sudo would give the local user access to
those root commands if local, while the key restricted root login would
keep that process secure and not give more privilege to a user.
--
Joe Morris
Registered Linux user 231871 running openSUSE 10.3 x86_64
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
