Anno domini 2008 François Cerbelle scripsit: > Le Jeu 4 septembre 2008 14:25, PaweÅ Krzywicki a écrit : > > On czwartek, 4 wrzeÅnia 2008, [EMAIL PROTECTED] wrote: > >> i too noticed a similar thing when i installed on my new laptop etch. > >> the solution was as Cerbelle said. Login as a normal user and do sudo ( > >> or you can activate root login from the login menu; but i personally > >> consider it really dangerous!) > > I am wondering why this is dangerous? > > If your password is seen as "strong" "FaG34#fCFD12drtfdg" something like > > this for example why this is dangerous?
> Just because you log in "anonymously". In fact, if several people need a > root access, there are two possibilities : > - everybody knows and use the same root account/password, but you will bot > be able to know who made what. You can only see from which IP the "root" > connection was made. > - "root" account is locked, without password. nobody can directly connect > to it. everybody first need to connect with their personal account and > password before executing something as root. Nobody knows another one's > password, there is no common account or password and you can always know > who ran this damn "rm /etc/passwd". sudo sh rm /etc/passwd kill -9 $$ > Furthermore, root is also ALWAYS the first account to be attacked by > script kiddies. If it is locked, you are sure they will not be able to > connect to this account. # grep Root /etc/ssh/sshd_config PermitRootLogin without-password Your point being? (This is *not* ment personaly, you have the luck to wrote the last and most complete mail :)) Ciao Max -- Follow the white penguin. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]