This is for accounting purposes. When users login as root you cannot tell who it was. If my machine is the only one that can login as root then I know it was either me or a user that had to su to root. Also I use ssh keys so no passwords are sent from my machine and it makes it much easier to spread config files.
Richard Nghiem On Fri, 2002-11-08 at 14:42, Jon Etkins wrote: > >On Fri, Nov 08, 2002 at 10:00:58AM -0800, Richard Nghiem wrote: > >> > >> I have restricted root login to all my machines through ssh by setting > >> "PermitRootLogin no". I do most of my work as root and distribute > >> configs files through scp to the correct places. Currently I have to su > >> -l after I login as myself. > > Perhaps I'm missing something, but what does this achieve? You still have > to pass the root password, and the channel is secured before you even send > the login name, so how is it any more secure to do this after you've logged > in than at the initial login? > > Curious, > Jon Etkins > Austin, TX > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
