Re: Allowing remote root login seems to be bad. Why?
- From: "Mario Platt" <mplatt@xxxxxxxxx>
- Date: Mon, 2 Jun 2008 16:35:53 +0100
Hey,
Well in my opinion, debian guys are right, and for one reason only: Logging.
If you login the machine with root, and everyone does it as well, you
will never know who is doing what. In the case of your machine being
only administered by yourself, and you have no sudo policies, it all
ends up being the same... mas in a multi admin environment, I think
it's an absolute must...
On Mon, Jun 2, 2008 at 9:29 AM, Ron Arts <ron@xxxxxxxxxxxxxx> wrote:
Hi,
today I found that different Linux distributions have various
policies regarding allowing remote root access. For example,
The Redhat/Fedora crowd seems to enable this on default installs,
but the Debian/Ubuntu don't, they recommend sudo.
I googled around but could not find why fedora allows it, and the
debian people just seem to have one reason: 'allowing remote root
access is bad, everybody knows that'.
Suppose I ensure that root has a very strong password, then does
it really matter either way?
Thanks,
Ron
- Follow-Ups:
- RE: Allowing remote root login seems to be bad. Why?
- From: Glenn Pitcher
- Re: Allowing remote root login seems to be bad. Why?
- From: Ben Ford
- RE: Allowing remote root login seems to be bad. Why?
- From: Smith Jr, Harry E
- RE: Allowing remote root login seems to be bad. Why?
- From: François Noel
- RE: Allowing remote root login seems to be bad. Why?
- References:
- Allowing remote root login seems to be bad. Why?
- From: Ron Arts
- Allowing remote root login seems to be bad. Why?
- Prev by Date: Allowing remote root login seems to be bad. Why?
- Next by Date: OpenSSH 5.0p1 ignoring --without-openssl-header-check
- Previous by thread: Allowing remote root login seems to be bad. Why?
- Next by thread: RE: Allowing remote root login seems to be bad. Why?
- Index(es):
Relevant Pages
|
