1 |
One point you may want to take into account is the audit trail you get from |
2 |
sudo. I think it's far better to see who actually logged in and then what |
3 |
they did. I turn off ssh root login on all my machines, period. My admins |
4 |
must log in as themselves and then sudo when they need to. I can then see |
5 |
login activity and sudo activity for any individual with little deniability. |
6 |
Also, in my experience, simply move the SSH port somewhere other than 22. |
7 |
I've moved it off that port on most systems and the script kiddies have |
8 |
simply vanished. It will keep your logs much cleaner! |
9 |
-- |
10 |
gentoo-server@g.o mailing list |