[Novalug] ssh as root ( was Re: RHEL question RE service start configuration)

Jason Kohles jkohles@palantir.com
Tue Mar 6 09:59:25 EST 2012


The main reason people block direct root login isn't to avoid sending the
root password over the network, it's for accountability.  If you have to
log in as yourself and then use sudo to get root access, then when the
server breaks I can look at the logs and see who the last person to log in
as root was.  If you restrict what commands they can run through sudo (so
they can't just get a root shell) then you can log every command that gets
run as root.

-- 
Jason Kohles
Palantir Technologies | UNIX Systems Engineer
jkohles@palantir.com  | 703.957.5784







On 3/6/12 9:49 AM, "Xavier Belanger" <tux@belanger.fr> wrote:

Hi,

> I know that blocking root login via ssh is standard, but I've never
> understood why.

There are so many bots trying to brute-force root ssh access...

You probably use a good password, but it's a good rule for a lot
of people I guess.

Bye.
-- 
Xavier Belanger
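
Added example (not part of the original thread): the accountability argument above, run over syslog-style sudo and sshd lines. It reports who did what as root, marks a direct root login as unattributed, and marks a sudo-launched shell as the point where per-command logging stops. The log lines, host, users and addresses are constructed, and the function name root_audit_trail is hypothetical.

```python
import re

# Constructed sample syslog lines (not taken from the thread).
SAMPLE_LOG = """\
Mar  6 09:12:44 web01 sshd[2211]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Mar  6 09:13:05 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/sbin/service httpd restart
Mar  6 09:20:31 web01 sshd[2290]: Accepted password for root from 192.0.2.77 port 41812 ssh2
Mar  6 09:31:18 web01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/su -
Mar  6 09:40:02 web01 sudo:    carol : TTY=pts/2 ; PWD=/etc ; USER=root ; COMMAND=/bin/bash
"""

SUDO_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sudo:\s+(?P<user>\S+) : "
    r".*?USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.+)$")
SSHD_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"Accepted \S+ for (?P<user>\S+) from (?P<src>\S+)")

# Binaries that hand out an interactive root shell; whatever is typed
# inside that shell is not logged by sudo.
SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "csh", "tcsh", "su"}


def root_audit_trail(log_text):
    """Return (timestamp, who, what, finding) for every root-level event."""
    trail = []
    for line in log_text.splitlines():
        m = SUDO_RE.match(line)
        if m and m["runas"] == "root":
            binary = m["cmd"].split()[0].rsplit("/", 1)[-1]
            finding = "root-shell" if binary in SHELLS else "attributed"
            trail.append((m["ts"], m["user"], m["cmd"], finding))
            continue
        m = SSHD_RE.match(line)
        if m and m["user"] == "root":
            # Direct root login: the log names a source address, not a person.
            trail.append((m["ts"], "unknown@" + m["src"],
                          "ssh login as root", "unattributed"))
    return trail


if __name__ == "__main__":
    for event in root_audit_trail(SAMPLE_LOG):
        print("%-15s %-20s %-30s %s" % event)
```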