| 1 |
One point you may want to take into account is the audit trail you get from |
| 2 |
sudo. I think it's far better to see who actually logged in and then what |
| 3 |
they did. I turn off ssh root login on all my machines, period. My admins |
| 4 |
must log in as themselves and then sudo when they need to. I can then see |
| 5 |
login activity and sudo activity for any individual with little deniability. |
| 6 |
Also, in my experience, simply move the SSH port somewhere other than 22. |
| 7 |
I've moved it off that port on most systems and the script kiddies have |
| 8 |
simply vanished. It will keep your logs much cleaner! |
| 9 |
-- |
| 10 |
gentoo-server@g.o mailing list |
Archives