On Monday 09 May 2005 10:16 am, Kevin D. Clark wrote: > Neil Joseph Schelly <[EMAIL PROTECTED]> writes: > > On Monday 09 May 2005 09:06 am, Brian wrote: > >> 1, NEVER allow root access via SSH. You should have to login as a user, > >> and then su - to root, or better yet setup a sudoers file. > > > > This is one of those best practices I've never really felt had > > merit. > > Doing this helps create an audit trail. > > You have a lot more information if you know that "user" logged in via > ssh and then su'd to root compared to just knowing that somebody > somewhere logged in as root.
That is an interesting perspective I hadn't considered. I can think of more than a time or two that would have been helpful in retrospect. So perhaps it's more of an administration best practice than a security best practice? -N _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss