Re: Allowing remote root login seems to be bad. Why?


Well in my opinion, debian guys are right, and for one reason only: Logging.
If you login the machine with root, and everyone does it as well, you
will never know who is doing what. In the case of your machine being
only administered by yourself, and you have no sudo policies, it all
ends up being the same... mas in a multi admin environment, I think
it's an absolute must...

On Mon, Jun 2, 2008 at 9:29 AM, Ron Arts <ron@xxxxxxxxxxxxxx> wrote:

today I found that different Linux distributions have various
policies regarding allowing remote root access. For example,
The Redhat/Fedora crowd seems to enable this on default installs,
but the Debian/Ubuntu don't, they recommend sudo.

I googled around but could not find why fedora allows it, and the
debian people just seem to have one reason: 'allowing remote root
access is bad, everybody knows that'.

Suppose I ensure that root has a very strong password, then does
it really matter either way?


Relevant Pages

  • Re: FC4 installaion bogged up WINXP
    ... root ... never looked at a debian grub.conf. ... fedora but did not let it install grub when asked. ...
  • Re: How to edit a read-only file
    ... I'm trying to boot the latest debian on an acer travelmate laptop. ... I booted the laptop w knoppix cd 4.0.2 I've been learning the console today. ... <are you not root? ...
  • Re: Rationale
    ... >> root writing to it, and also not to put current directory in root's path. ... Too bad debian doesn't do that out of the box. ... Default debian install creates no usr/local directories, ... We also know there are known unknowns; ...
  • Re: Does email server OS needs clamav?
    ... run under the root user... ... Certainly not for exim or postfix, ... exactly what crap are you running on your "Debian mail server"? ... "One disk to rule them all, ...
  • Re: upgrading ubuntu to debian
    ... it to pure debian. ... Since Ubuntu uses sudo for everything, when using programs that require root ... access expect the user password, ...