On Wed, 6 Sep 2000, Steve Curry wrote:
> Why don't you just login under a normal user account and then "su" to root?
> This is the easiest way, and the way most of us do it.
If that's "the way most of us do it", then it's probably worth pointing
out that getting root over telnet, including using su is *BAD* *BAD*
*BAD*. You're still sending the password in plain text over a TCP
connection. The same thing holds true for the telnet authentication
(/bin/login), su, sudo, POP, IMAP, FTP, etc.
To protect your systems, you really should use encrypted connections for
everything. Use ssh instead of telnet; set up stunnel, jonama, or other
SSL proxy for other services.
ssh really isn't more difficult to use than telnet. Even the command line
is shorter :) (Set up RSA authentication, and ssh becomes even easier
AND more secure)
MSG
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
