One more thing to add: since root is the goal of many hacks, if you
never use the root account, a sudden login to root signles 'You are
hacked'. A root kit, in particular, attacks in order to gain root
access.
Ben Ricker
System Administrator
Wellinx.com
On Tue, 2001-09-25 at 13:31, Greg A. Woods wrote:
> [ On Tuesday, September 25, 2001 at 11:59:45 (-0400), Edward Lewis wrote: ]
> > Subject: Why restrict root logins?
> >
> > I have been asked about the rationale behind restricting direct root logins
> > via SSH. (There is a sshd configuration option on this.) Is there a
> > document that lists the reason why this exists?
>
> Because generally speaking the "root" account is a shared account, and
> without accountability to match system activities to a real-world person
> there is no security (possible, by definition).
>
> You don't really need to restrict root logins if only one person knows
> the root password (or other authentication token) since then you know
> who the real person is using the "root" account.
>
> However there's some benefit percieved by some people in requiring two
> authentication steps to get to superuser access (i.e. normal user login,
> followed by 'su').
>
> --
> Greg A. Woods
>
> +1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
> Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
