Re: Rename root to avoid hacking?
From: Carlos Moreno (moreno_at_mochima_dot_com_at_xx.xxx)
Date: 09/24/05
- Next message: Stefan Monnier: "Re: Make new files have different owner/group"
- Previous message: Robert Nichols: "Re: iptables corrupt?"
- In reply to: Colin McKinnon: "Re: Rename root to avoid hacking?"
- Next in thread: Grant: "Re: Rename root to avoid hacking?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 24 Sep 2005 12:14:10 -0400
Colin McKinnon wrote:
> but who in their right mind actually allows users to
> logon as root anywhere but on the console? (OK, SuSE for one - the default
> sshd_config permits root logins).
Two things:
1) Not only SuSE -- RedHat (at least RH9 and the new Fedora flavors) do
that.
2) Depending on the application, a box that doesn't allow root login
other than sitting at the console may not be an option -- we do have
dedicated servers that, for us, are remote. Period. We *have to*
access them remotely, most of the time as non-root, but once in a
while we need to login as root. Sure, we do not allow *direct* SSH
login as root... Perhaps that's really what you meant?
Carlos
--
- Next message: Stefan Monnier: "Re: Make new files have different owner/group"
- Previous message: Robert Nichols: "Re: iptables corrupt?"
- In reply to: Colin McKinnon: "Re: Rename root to avoid hacking?"
- Next in thread: Grant: "Re: Rename root to avoid hacking?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
