On Sun, 20 Dec 1998, Dick wrote:
> Looks like the "su" to root works. What I don't understand is how this is
> any more secure than being able to login as root directly.?
well, most sniffers "out of the box" won't look for su unless it's within
the first few bytes transmitted after a login. So, they have _your_
password but not root's.
Which means a cracker needs to do slightly more work. Also, all instances
of the su command are logged, not all root logins are (via login, they
usually are).
a more verbose logging is done via sudo, a very nice tool that keeps the
root password out of everybody's hands. It's a way to spend much less
time as root -- for example I generally don't use a root shell at all, I
use sudo to invoke a specific command like the 'make install' after I
built and tested everything as an unprivileged user.
> From: Lindsay Haisley <[EMAIL PROTECTED]>
> To: Dick <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Sunday, December 20, 1998 11:04 PM
> Subject: Re: How can I login as "root" from a telnet session?
>
>
> >Root telnet login is disabled for very good security reasons. You'd be
> >best to set up a user account on the machines you need to access and run su
> >or sudo from said user account. If your login supports /etc/login.access
> >you >may< be able to configure it to allow remote root login, but I wasn't
> >able to.
> >
> >With regard to your .a libraries, you may be running a different
> >development platform on the SCO box. Linux boxes generally run the GNU
> >dev. env.
> >
> >At 10:12 PM 12/20/98 -0600, Dick did speak as follows....
> >>>>>
> >1. Anyone out there know how I can allow a telnet session to log into RH
> >5.2 Linux as root. I am maintaining systems in the field and sometimes
> >need to login as root from a remote site.
> >
> >2. Interesting situation: I am porting from SCO OpenServer 5.0.4 and
> >after moving everything over to RH Linux 5.2, I ran my program. It seemed
> >to run WITHOUT compiling on Linux! I was shocked. Then I went to change
> >something and tried to compile. It seems that the libraries "xxx.a" files
> >that came over in the move are NOT compatible with the Linux Linker.
> >Anyway on SCO to MAKE them compatible (some flag or switch in the "ln"?),
> >or is there something I can do under Linux to make it recognize what SCO
> >put out in the form of "xxx.a"'s.
> >
> >thx,
> >dick
> >
> ><<<<
> >
> >
> >Lindsay Haisley (______)
> >FMP Computer Services (oo) "The bull
> >[EMAIL PROTECTED] /------\/ stops here!"
> >Austin, Texas, USA / | ||
> >512-259-1190 * ||---|| * * * * * *
> > ~~ ~~ http://www.fmp.com
>
> ---------------------------------------------------------------------------
> Send administrative requests to [EMAIL PROTECTED]
>
_____________________ _ _ _________________________
Michael Rice |_| Collective |_| http://www.colltech.com
[EMAIL PROTECTED] |_ technologies _| 281 267 9270 pager
512 342 6301 Motorola [] [] "The Power Of Many Minds"
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
