| 1 |
Am Montag 09 Februar 2009 14:15:35 schrieb Nikos Chantziaras: |
| 2 |
> Heiko Wundram wrote: |
| 3 |
> > Am Montag 09 Februar 2009 13:37:31 schrieb Nikos Chantziaras: |
| 4 |
> >> Stroller wrote: |
| 5 |
> >>> I install sudo, give my user wide sudo rights and then set |
| 6 |
> >>> "PermitRootLogin no" in /etc/ssh/sshd_config. |
| 7 |
> >>> (Critique of this measure welcomed). |
| 8 |
> >> |
| 9 |
> >> Since Hung already answered about the other problem, I'll just comment |
| 10 |
> >> on this. |
| 11 |
> >> |
| 12 |
> >> It's a bad idea if the machine is open to the Internet, especially since |
| 13 |
> >> it's easy to simply "su -" or "sudo" as a normal user. |
| 14 |
> ... |
| 15 |
> Er, didn't I actually say the same? If other people have network access |
| 16 |
> to the machine, disable root. You misunderstood something. |
| 17 |
|
| 18 |
Err, no, you didn't say the same, at least not considering your quote (I |
| 19 |
didn't read the OP): |
| 20 |
|
| 21 |
Reading the above, you said that "PermitRootLogin no" is a bad idea (i.e., |
| 22 |
disabling root login via SSH is a bad idea), whereas I said the exact opposite |
| 23 |
(and you meant the exact opposite). |
| 24 |
|
| 25 |
But, as you meant the same as me, forget what I said or just take my rant as a |
| 26 |
clarification of your point. ;-) |
| 27 |
|
| 28 |
-- |
| 29 |
Heiko Wundram |
| 30 |
Gehrkens.IT GmbH |
| 31 |
|
| 32 |
FON 0511-59027953 | http://www.gehrkens.it |
| 33 |
FAX 0511-59027957 | http://www.xencon.net |
| 34 |
|
| 35 |
Gehrkens.IT GmbH |
| 36 |
Strasse der Nationen 5 |
| 37 |
30539 Hannover |
| 38 |
|
| 39 |
Registergericht: Amtsgericht Hannover, HRB 200551 |
| 40 |
Geschäftsführer: Harald Gehrkens, Daniel Netzer |
Archives