Re: SSH as root
From: Andy Walden (andy_at_tigerteam.net)
Date: Thu, 3 Jul 2003 15:43:10 -0500 (CDT) To: Paul Bauer <firstname.lastname@example.org>
On Thu, 3 Jul 2003, Paul Bauer wrote:
> I personally don't allow ssh as root but am now curious as to why this
> is a bad practice. I had long believed it was a security risk and just
> unnecessary and have been told this is FUD.
As most things, it depends on your point of view and what your goals and
requirements are. One argument is that it could remove accountability from
a specific user, as can any role account. Another point is that by
allowing root logins, a remote user could perform a brute force attack
against your root account. By restricting remote root access, the idea
is that you limit your root vulnerability to just local users.
-- PGP Key Available at http://www.tigerteam.net/andy/pgp