Re: Allowing remote root login seems to be bad. Why? (SUMMARY)



Okay,

the general feeling seems to be that you should disable
remote root login, for the following reasons:

1. Why take the chance that someone cracks the root account.
2. You want to keep logs on who is logging in to your box.

Though from the answers I may induce that it may be
secure if:

- you choose a strong root password
- there are no other users on the box
- constrain logins to certain ip addresses.

I think if you allow users on the box, you run a much
larger risk anyway not? Hacking root from a local
account is much easier than hacking root remotely.

I did not see defenders of the default redhat/fedora setup.

But your answers still convinced me that though there
are valid reasons to use local user accounts together with sudo,
they do not necessarily apply to the setups I use.

Thanks,
Ron



Relevant Pages

  • Re: Allowing remote root login seems to be bad. Why? (SUMMARY)
    ... remote root login, for the following reasons: ... Why take the chance that someone cracks the root account. ... this is more secure than allowing remote root logins with a single strong root password. ...
    (SSH)
  • Re: several questions
    ... > reasons be?And how could I restore the users account with least loss? ... Log in as root - ONE ... editor like vi or dtpad that doesn't do any locking, ... > them from editing the password at the same time and let them edit it ...
    (comp.unix.solaris)
  • Re: Error: 17883, Severity: 1, State: 0
    ... It could be due to various reasons. ... This is a just a health detection message. ... To find the root cause, ... 818 did fix many other bugs and gave better error message and created mini dump when 17883 was generated. ...
    (microsoft.public.sqlserver.clustering)
  • Re: root login with telnetd
    ... without telneting to some user and then su - ... My reasons for this being a bad idea isn't so much from concerns about ... but it's more an issue of accountability. ... the root password on various machines. ...
    (freebsd-questions)
  • Re: running programs as root in KDE
    ... teething troubles don't discourage you. ... Sometimes the DISPLAY variable can be reset and get the "su -" root ... execute GUI programs as root. ... Perhaps you already know the reasons why ...
    (Fedora)