Having 2 authentication steps, and proper logs, allows for good
user-tracking/management for those who are KNOWN to have root access. Making
them "su or su -" makes it easier to know WHO did what. That said, this
doesn't prevent malicious use. Something that has MAC and other ACLs would
be more proper. 

-- 
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-796-9023
email: [EMAIL PROTECTED] 

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 25, 2001 1:31 PM
> To: Edward Lewis
> Cc: [EMAIL PROTECTED]
> Subject: Re: Why restrict root logins?
> 
> 
> [ On Tuesday, September 25, 2001 at 11:59:45 (-0400), Edward Lewis wrote: ]
> > Subject: Why restrict root logins?
> >
> > I have been asked about the rationale behind restricting direct root logins
> > via SSH.  (There is a sshd configuration option on this.)  Is there a
> > document that lists the reason why this exists?
> 
> Because generally speaking the "root" account is a shared account, and
> without accountability to match system activities to a real-world person
> there is no security (possible, by definition).
> 
> You don't really need to restrict root logins if only one person knows
> the root password (or other authentication token) since then you know
> who the real person is using the "root" account.
> 
> However there's some benefit perceived by some people in requiring two
> authentication steps to get to superuser access (i.e. normal user login,
> followed by 'su').
> 
> -- 
>                                                       Greg A. Woods
> 
> +1 416 218-0098      VE3TCP      <[EMAIL PROTECTED]>     <[EMAIL PROTECTED]>
> Planix, Inc. <[EMAIL PROTECTED]>;   Secrets of the Weird <[EMAIL PROTECTED]>
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
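An added example, not from the thread or from either author, that puts both points above into working form: a check of the sshd `PermitRootLogin` directive Edward asks about, and a small log audit that ties each su-to-root event to a real person, which is the accountability Greg and Austin describe. The log lines and the sshd_config fragment are constructed samples, and the `known_admins` set is an assumed input.

```python
import re

# Constructed sample auth-log lines, not taken from the original thread;
# they follow the usual syslog layout of sshd "Accepted" and su messages.
SAMPLE_LOG = """\
Sep 25 13:01:02 host sshd[2101]: Accepted publickey for alice from 10.0.0.5 port 51234 ssh2
Sep 25 13:01:05 host su: (to root) alice on pts/0
Sep 25 13:02:10 host sshd[2150]: Accepted password for bob from 10.0.0.9 port 51300 ssh2
Sep 25 13:02:12 host su: (to root) bob on pts/1
Sep 25 13:03:00 host sshd[2190]: Accepted password for root from 10.0.0.7 port 51400 ssh2
Sep 25 13:04:00 host su: (to root) mallory on pts/2
"""
# Constructed sshd_config fragment; PermitRootLogin is the real directive.
SAMPLE_SSHD_CONFIG = "# sample sshd_config\nPermitRootLogin no\nPasswordAuthentication yes\n"

SSH_RE = re.compile(r"sshd\[\d+\]: Accepted \S+ for (\S+) from (\S+)")
SU_RE = re.compile(r"su: \(to root\) (\S+) on (\S+)")


def root_login_setting(config_text, default="yes"):
    """Effective PermitRootLogin value (sshd honours the first occurrence).
    `default` is assumed for an absent directive; old OpenSSH used "yes"."""
    for line in config_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0].lower() == "permitrootlogin":
            return parts[1].lower()
    return default


def audit_root_access(log_text, known_admins):
    """Tie each root session to a person where the logs allow it. Returns
    (attributed, findings): tty -> user who ran su, and accountability gaps."""
    attributed, findings = {}, []
    for line in log_text.splitlines():
        m = SSH_RE.search(line)
        if m:
            user, src = m.groups()
            if user == "root":  # direct root login: nobody to hold accountable
                findings.append(f"direct root login from {src}")
            continue
        m = SU_RE.search(line)
        if m:
            user, tty = m.groups()
            attributed[tty] = user
            if user not in known_admins:
                findings.append(f"su to root by {user} on {tty} (not a known admin)")
    return attributed, findings
```

Running `audit_root_access(SAMPLE_LOG, {"alice", "bob"})` attributes the three su events to alice, bob and mallory, and flags the direct root login and mallory's su as the two cases where no known person can be held accountable.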
