Re: [e-smith-devinfo] 4.1b3 observations

[Dean Staff]

On 17 Jan 2001, at 14:36, Paul Nesbit wrote:

> Hi Dean,
> 
> Dean Staff wrote:
> > 
> > Hi All,
<snip>
> > I had the same problem (not really a problem, more of an issue) as
> > everyone else with trying to telnet in as root. But, seeing as how I
> > write the Security Watch column for "Maximum Linux", I tend to agree
> > with Gordon and the other e-smith developers, that forcing
> > administrators to use SSH to remote login as root is a good thing.
> > That said, why don't you do the same with "admin" after all root and
> > admin use the same password.
> 
> They use the same password, but a different shell.  Root access to a
> shell can be dangerous, while access to the e-smith console is
> relatively harmless.

Yes but if the admin password is intercepted then all someone has 
to do is try an SSH connection using root and the password they 
stole. (Do I sound paranoid?)


Dean

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dean Staff  Kanata On. Canada
[EMAIL PROTECTED] 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~