[Gllug] Debian SSH not letting root login anymore?
Rich Walker
rw at shadow.org.uk
Wed Nov 9 16:12:13 UTC 2005
Alain Williams <addw at phcomp.co.uk> writes:
> On Wed, Nov 09, 2005 at 03:48:35PM +0000, Rich Walker wrote:
>>
>> Hi,
>>
>> I recently upgraded one of our machines, and now can't do
>>
>> ssh -X root at thoth
>>
>> to it any more.
>
> Quite right too.
>
> ssh as yourself and then 'su'.
I want X forwarding across a minimum number of connections.
>
> Why? If you type 'who' and just see a set of root logins, do you know who is really
> using the machine ? Also: by making someone login & then go su, you ensure that
> 2 passwords are needed to crack the system -- makes things a tiny bit
> more secure.
This box is inside the firewall, and has no ports forwarded outside the
firewall. Yes, I'm sure it *could* be cracked, but the admin. pain of
not being able to ssh to root on it (and probably any other boxes if
they get the same config) is so much higher than the possible damage
from cracking...
cheers, Rich.
--
rich walker | Shadow Robot Company | rw at shadow.org.uk
technical director 251 Liverpool Road |
need a Hand? London N1 1LX | +UK 20 7700 2487
www.shadow.org.uk/products/newhand.shtml
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list