On Thu, Apr 05, 2001 at 12:01:58AM +0800, Julius C. Duque said:
> On Tue, 3 Apr 2001, Jason Spence wrote:
> > Does anyone know of a general PAM debug mechanism? I couldn't find
> > one after a quick search.
>
> Good security practice tells us that you shouldn't be logging in
> *remotely* as root.
I knew that was true for telnet due to interception during the
authentication phase, but I don't see how ssh is affected by the same
problem due to the encrypted pre-connection authentication phase that
it has.
Also, our billing system has to autonomously log in as root remotely
to some of our other servers because it is very difficult to automate
it by logging in as a normal user and then suing to root. If you an
easy way to do it using perl, I'd like to hear it :)
- Jason
