The right answer varies according to environment and personal taste. But the default setting has to be right for the inexperienced user who may not have a clue about key-based logins but has worked out how to set up password logins. For what it is worth I set up systems so that even if someone manages to discover the root password it is no use to them unless they either have physical access to the computer or else they also guess an administrator's regular unprivileged password. I regard that as a useful extra protection, especially on a system where there are hundreds of legitimate users but only 3 administrators allowed to use su. Bob Vickers On Thu, 7 Oct 2004, Selcuk Ozturk wrote:
If the communication is encrypted, why is connecting as an unpriviledged user via ssh and then doing a su to root safer than connecting as root directly? Is the encryption of initial password or key verification less secure than data encryption. Or, is it to protect against dictionary attacks? What is to stop an intruder to run a dictionary attack to a regular user and then once successful run a second one with su? Yes, requiring two attacks might decrease chance of success. But, if this is the only reason then allowing only key based login is probably a lot safer than just disallowing root. Am I missing something here?
Selcuk
============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691