Mailinglist Archive: opensuse (911 mails)

< Previous Next >
Re: [opensuse] Logging in as root an Leap
On Tue, Dec 1, 2015 at 12:42 PM, jdd <jdd@xxxxxxxxx> wrote:
Le 01/12/2015 11:42, Roger Price a écrit :

On Tue, 1 Dec 2015, Koenraad Lelong wrote:

Is it possible to log in as root just after booting ? I only get my
non-root user as a possible user.


To my surprise, ssh -X -Y root@<Leap-box> from some other box works.

Roger

you can su from any konsole

you can also manage the displayed users in kde config (root is not there to
prevent people from logging a graphical root, which is really unsecure

Don't want to start a religious war here, but...

I always see this claimed. Why? What can you do in the GUI that you
cannot just as easily do from the command line? Being a command line
orientated user, I think I can easily and accidentally do more damage
there than in the GUI.

I guess the idea is that the root user can delete things easier from
the GUI (not 100% sure I agree) than from the command line. But then
again, the GUI has a trash where I can potentially get things back.
Not so from the command line. And the GUI can ask for confirmation.
Not so the command line.

And speaking of insecure, root login via ssh, which is enabled, must
be more insecure than via the GUI. Maybe I am sensitive to this
because of a recent ssh-based Trojan I had to eradicate from an
openSUSE server here. I don't see how that Trojan would have made it
in to the system via the GUI login.

If the users know the root password, not allowing GUI login of root
is, I think, a false sense of security. If they do not know the
password, then what difference is there if root is in the GUI login?

--
Roger Oberholtzer
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >