On Sun, 2009-04-05 at 21:44 -0600, Jessie Morris wrote: > On Sunday 05 April 2009 9:31:17 pm Doran L. Barton wrote: > > Or, better yet, don't log in remotely as root, period. In > > /etc/ssh/sshd_config: > > > > PermitRootLogin no > > > > It's one of the first things I do on just about any Linux box. > > Couldn't you get around that quite easily by logging in as a normal user then > running "su"?
That's the point. It doubles the number of accounts an attacker has to compromise. It also creates an audit trail so you know which co-worker needs to be "educated" after taking down a productions system. All without making the system noticeably harder to manage. -- "XML is like violence: if it doesn't solve your problem, you aren't using enough of it." - Chris Maden /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
