Matthew Dillon wrote:
For that matter, for anyone who is serious about security, never
allow a passworded login (ssh or otherwise) for ANY account.
How do you log in at the console, then? Eventually, you have to log in
at a console *somewhere* (unless you have a com port jacked in to the
back of your head, Matrix-style...).
And, er, before anyone suggests biometrics (fingerprints, at least), you
should see the Mythbusters episode where they easily hack a supposedly
expensive, uncrackable biometric security system.
http://silverstr.ufies.org/blog/archives/000973.html has a clip of this.
