Mike Branda wrote:
> I do realize the security risk of root in this scenario.
> [snip] Justification for the risk [/snip]
I guess the main idea is, if remote users log in as root, you just see
everything that's been done as having been done by root. So in the event
of a compromise, it's that much harder to track down the problems, and
what the intruder did, since it was all done by the same account you use
for regular maintenance. So ideally, you have another account,
specifically for ssh, which for one, you can disable when you don't need
to ssh in, and that will allow you to log session where that user su'd
to root and thus seperate root's ssh actions from root's local actions.
Alternatively, you could enable your ssh user to perform those specific
tasks, without giving them full root provileges, but that's not ideal
security practice either.
(by the way, someone learn me up if I'm way off base here...I've just
put this together mainly from conjecture)
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:02:32 EDT