On Thu, Mar 16, 2000 at 12:54:37PM +1000, Tony Nugent wrote:
>
> WARNING! WARNING!
>
> Do NOT change the default root access in /etc/securetty to allow
> network logins as root. Never.
>
> Telnet in as a user, then su to root.
>
> Or use ssh (much, MUCH better) which WILL (by default) allow you to do
> a secure, protected, encrypted and data-compressed login session as
> root.
why is allowing root logins via ssh better then allowing root logins
via telnet? with telnet everything flys across the net in clear so
login as a user then su to root is going to send the root passwd
flying around in plain view just as much as logging is as root
directly will. I always considered the ban on remote root logins to
generally cause someone to have to guess 2 passwords instead of one,
is there another reason?
of course i think doing anything as root over plain telnet is insane
but im pedantic about such things ;-)
> Cheers
> Tony
> -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
> Tony Nugent <[EMAIL PROTECTED]> Systems Administrator, RHCE
> GrowZone OnLine (a project of) GrowZone Development Network
> POBox 475 Toowoomba Oueensland Australia 4350 Ph: 07 4637 8322
> -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
>
--
Ethan Benson
http://www.alaska.net/~erbenson/
