Hi Matt, no mater which way you choose - it'll never be completely secure as long as the box is on the internet. Make sure, that you're logging into the right machine (you should know the RSA1 key fingerprint) and log in as a normal user, do as much as you can with this account and su to root if you have to. If your giving some special user more privileges then you can use root right away - a cracker will have enough priviliges either way (manipulate config-files, starting network-services). Best regards, Ralf Ronneburger Matt Hubbard wrote:
List,
I know that I shouldn't log in remotely as root via ssh, but how can I start/stop networking daemons or manipulate config files in the /etc without this level of access? Should I use something like webmin instead? Can I create a user that has write privileges in the /etc directory and should this user be capable of starting /stopping network daemons? Just looking for direction on this subject.
Thanks,
Matt Hubbard