Joe Zappa írta:
Istvan Gabor wrote:
I would like to help users by logging in through VNC session. Since the user doesn't have strong password I don't allow to log in the user through ssh. Instead I log in in my name and then su to that user and start the vncserver. Briefly:
ssh is encrypted, even the user authentication, which means that logging in as the user is LESS dangerous than logging in as you (sending your password) and then su-ing to the user (sending the user's password).
I don't understand why it is less secure if the passwords are encrypted. Because of 2 passwords are sent? I don't get the logic.
Anyway, my concern is not MY ssh connection. As I mentioned the user's password is weak, easy to guess; some can log in my system by guessing it. That's why I don't allow its remote login. My password is strong, I'm not afraid of being guessed.