SU vs. ssh root at host
John Hardin
johnh at aproposretail.com
Wed Feb 28 03:38:02 EST 2001
mouring at etoh.eviladmin.org wrote:
>
> 1) On a fully secure system 'root' should *NEVER* be allowed to be logged
> in remotely. This includes localhost because it's possible to spoof such
> things (Granted this is my view, but it's a view that has been drilled
> into me since I first started in the UNIX community in 92).
And me since 1988.
> This also has no useful bearing on OpenSSH project. So this thread is at
> at an end so useful work can be done. =)
I disagree. I'm finding it very useful as an administrator (granted it's
noise to developers). The discussion here has caused me to review my
reasoning behind modifying the default sshd_config to disable root
logins as I build our internal RPMs. This is not a bad thing to do every
so often.
Both sides have made good points, but a consensus has not been reached
yet. Can we reach a consensus and update the default configuration files
(if necessary) to reflect it?
--
John Hardin
Internal Systems Administrator
Apropos Retail Management Systems, Inc.
<johnh at aproposretail.com> - (425) 672-1304
More information about the openssh-unix-dev
mailing list