Re: what is wrong with root login for ssh2

Fri, 04 May 2001 06:03:27 -0700 

I have also heard this before, and it took a lot of pondering before I came
up with my own answer - it's my own, not backed by anything:

Think of brute force attacks.  If someone were to start brute forcing ssh
connections,  they will obviously try to start with a user name of root.  If
you deny root access, they will first have to know a username that does have
access, and then once they get in there, they would have to find a local
exploit to get root access.  Most script kiddies will give up way before
that point.

Anyone have any thoughts?  Am I totally off base?

Justin
----- Original Message -----
From: "Robert Reyes" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, May 02, 2001 3:40 AM
Subject: Re: what is wrong with root login for ssh2


> exactly! if you're the only one using your machine, why do this? But if
you
> have others who can log in as root, it will be better to identify first
who
> logged in. if something wrong happens, it can be traced who last used the
> machine. the purpose is not to blame the guy, but usually to ask him of
what
> he did to simplify the troubleshooting.
>
> On Wednesday 02 May 2001 16:26, you wrote:
> > AFAIK the disadvantage is when you have multiple people with root
> > access to a machine - if you log in as root then when checking who
> > logged in and when using "last" you don't know who the person was,
> > but a login with your username and then "su -" will log who was doing
> > root stuff... kinda handy in tracking down what's going on on a
> > machine administered by a varierty of people...
> >
> > not sure if there is a problem if it's just you and your own server
> > though...
> >
> > - dan.
> >
> > At 1:43 PM +0800 2/5/01, Mark Lo (3) wrote:
> > >        I have been searching the news group about ssh2, people are
> > >discouraged with root login, I would like to know what is the
disadvantage
> > >of root login.  What if, I only use public key to login, and I am
pretty
> > >sure no one can steal my key, then what is the disadvantage about root
> > > login in this circumstances.
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to