Date: Sat, 13 May 2006 11:24:10 -0500 From: Kevin Kinsey <kdk@daleco.biz> To: maanjee@gmail.com Cc: freebsd-questions@freebsd.org, John.Dickinson@nominet.org.uk Subject: Re: Help: Unable to change to SU through SSH Message-ID: <4466082A.9090408@daleco.biz> In-Reply-To: <OF24647A36.2E62108A-ON8025716D.0055DA65-8025716D.00573C11@nominet.org.uk> References: <OF24647A36.2E62108A-ON8025716D.0055DA65-8025716D.00573C11@nominet.org.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
John.Dickinson@nominet.org.uk wrote: > > I would recommend that you dont create an admin user. Create normal user > accounts named after the user who will be logging in. Add users who will > need to be able to do admin tasks to the wheel group. Then install sudo > and configure it to allow users in the wheel group to run commands as > root. > The reason this is a Good Thing(tm): a large number of "in the wild" exploit scripts/bots/programs already attempt to use a "admin" username in their attempts to break your security (also, 'root', 'administrator', 'webmaster', 'bob', 'joe', 'fred', 'test', etc.). I've yet to see one that tries to log in as "manjee", though, unless it has parsed the username as part of an e-mail address in a web site or server error page. In e-mail, "aliases" to actual user accounts should rule the day. Kevin Kinsey -- It is through symbols that man consciously or unconsciously lives, works and has his being. -- Thomas Carlyle
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4466082A.9090408>