You know I always wondered about this method. su - has you input a password. So If a sysadmin is on a cable modem at home, logs in as normal user w/ ssh, then does an su - and enters password, How is that any different? You are being sniffed on the cable network. Keep in mind you can now sniff SSH packets. So how could this be more secure? So wouldn't a hacker now have both the first user pass and the su - ?
-----Original Message----- From: Graham, Randy (RAW) [mailto:[EMAIL PROTECTED]] Sent: Monday, October 14, 2002 3:21 PM To: Chris Berry; [EMAIL PROTECTED] Subject: RE: Is SSH worth it?? You ssh as a normal user and then use 'su -' to switch over to root. Without that, you have no way of knowing who connected to a server as root. By forcing connections as normal users and using su, you can have some auditing (to prevent the "I didn't do it" syndrome). Randy Graham -- When in danger\or in doubt\run in circles\scream and shout! > -----Original Message----- > From: Chris Berry [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 10, 2002 12:53 PM > To: [EMAIL PROTECTED] > Subject: Re: Is SSH worth it?? > > > >From: Johan De Meersman <[EMAIL PROTECTED]> > >I don't think it's ever a good idea to allow root ssh to any machine > > Why not? Also, how are you going to remote administer it > without some sort > of control SSH, VNC, etc? > > Chris Berry > [EMAIL PROTECTED] > Systems Administrator > JM Associates > > "I have found the way, and the way is Perl." > > > _________________________________________________________________ > Send and receive Hotmail on your mobile device: http://mobile.msn.com >
