Ron Arts wrote:

Hi,

today I found that different Linux distributions have various
policies regarding allowing remote root access. For example,
the Red Hat/Fedora crowd seems to enable this on default installs,
but Debian/Ubuntu don't; they recommend sudo.

I googled around but could not find why Fedora allows it, and the
Debian people just seem to have one reason: 'allowing remote root
access is bad, everybody knows that'.

Suppose I ensure that root has a very strong password, then does
it really matter either way?

Thanks,
Ron

Script kiddies are constantly scouring the Net looking to crack the root
account on boxes that they find. If you disable remote root access, you
remove this threat. Then the attacker would have to be able to guess
both a non-obvious username AND a non-obvious password in order to gain
access to your box. Wouldn't a strong root password remove the threat
anyway, though? Probably. But why take the chance? By disallowing
remote root access, you remove this line of attack, and really don't
inconvenience yourself very much by doing so, since you can easily
perform root-level functions from your user account using sudo.

In fact, I strongly recommend the use of sudo in general. It's
generally a bad idea to sign in as root anyway, partly for security
reasons, but also partly so that if you accidentally do something stupid
like "rm -rf /" it won't have catastrophic consequences. Better to just
log in as your user account, and then briefly elevate to root privileges
using sudo when needed.

DR
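
The policy discussed in this thread, checked in code: an added example (not part of either message) that reads an OpenSSH `sshd_config` and reports how `PermitRootLogin` is set globally and inside `Match` blocks. It assumes the remote access in question is OpenSSH, which the thread does not name; the function names and the sample configuration are constructed for illustration.

```python
import re

DEFAULT = "prohibit-password"  # used when the keyword is absent (OpenSSH 7.0+)

# Constructed sample configuration, not taken from the thread.
SAMPLE = """\
# global section
PermitRootLogin no
PermitRootLogin yes   # ignored: sshd keeps the first value it obtains
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""

def root_login_policy(config_text):
    """Return (global_value, overrides) for PermitRootLogin.

    overrides lists (match_criteria, value) for each Match block that sets
    the keyword. Include directives are not followed.
    """
    global_value = None
    overrides = []
    current_match = None       # None while still in the global section
    set_in_block = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()            # keywords are case-insensitive
        arg = parts[1] if len(parts) > 1 else ""
        if keyword == "match":
            current_match, set_in_block = arg.strip(), False
        elif keyword == "permitrootlogin" and arg:
            value = arg.split()[0]
            if current_match is None:
                if global_value is None:      # first value wins
                    global_value = value
            elif not set_in_block:
                overrides.append((current_match, value))
                set_in_block = True
    return global_value or DEFAULT, overrides

def root_login_fully_open(config_text):
    """True if any section sets PermitRootLogin to "yes"."""
    global_value, overrides = root_login_policy(config_text)
    return global_value == "yes" or any(v == "yes" for _, v in overrides)

if __name__ == "__main__":
    print(root_login_policy(SAMPLE), root_login_fully_open(SAMPLE))
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; the parser above is for reviewing a file offline.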