Date: Mon, 22 Jan 2001 12:58:38 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Juraj Lutter <otis@wilbury.sk> Cc: Ted Sikora <tsikora@powerusersbbs.com>, freebsd-stable@FreeBSD.ORG Subject: Re: ssh login Message-ID: <200101222059.f0MKxXx68194@cwsys.cwsent.com> In-Reply-To: Your message of "Mon, 22 Jan 2001 18:44:42 %2B0100." <20010122184442.C48980@wilbury.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20010122184442.C48980@wilbury.sk>, Juraj Lutter writes: > On Mon, Jan 22, 2001 at 12:38:15PM -0500, Ted Sikora wrote: > > > > That was it. How can root be dangerous in ssh.. isn't that why it > > exists? Or would using su be better? I usually use ssh to remotely > > administer the servers. > > Yes, using ``su'' or ``sudo'' is more elegant solution than remote > root login. If I think about hcked boxes and patched ssh clients, it > makes me scarry to login as root remote :-) The problem with sudo is that you still have one password protecting root. Sudo does support OTP through S/Key and OPIE. With appropriate measures to ensure you don't paint yourself into a corner, this solution looks quite appealing. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101222059.f0MKxXx68194>