Date: Thu, 8 Nov 2001 21:35:41 -0500 From: "Kutulu" <kutulu@kutulu.org> To: "Andrew C. Hornback" <achornback@worldnet.att.net>, "Anthony Atkielski" <anthony@atkielski.com> Cc: "Giorgos Keramidas" <charon@labs.gr>, <freebsd-questions@FreeBSD.ORG> Subject: Re: Re[2]: Tiny starter configuration for FreeBSD Message-ID: <01aa01c168c7$40ca1290$88682518@longhill1.md.home.com> References: <013501c1687a$f47e47e0$6600000a@columbia>
next in thread | previous in thread | raw e-mail | index | archive | help
> But... as it's been pointed out, logging in directly as root doesn't allow > for the audit trail in the logs that logging in as a user and then using > 'su' does. It can give you most of the same information, if you go to the trouble to log sshd logins: Nov 8 21:20:59 <4.6> xxxx sshd[12696]: Accepted publickey for root from 10.15.101.5 port 2890 ssh2 And in many cases, there are so few people who should be logging on as root (often it's just me, or perhaps me and one other person) that it's extremely easy to tell who did what. > Logging in as root from anywhere but the console is bad practice, IMHO. Some of us don't have the luxury of being anywhere near their consoles :) --K To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01aa01c168c7$40ca1290$88682518>