Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] remote admin: ssh vs. webmin
  • From: Bob Vickers <bobv@xxxxxxxxxxxxx>
  • Date: Thu, 10 Jan 2002 11:24:32 +0000 (GMT)
  • Message-id: <Pine.OSF.4.33.0201101118260.6286-100000@xxxxxxxxxxxxxxxxxxxxx>
My preferred setup is to restrict access to /bin/su (using chgrp and
chmod) so that only administrators can use it. That way a cracker needs to
discover *two* passwords to become superuser. So there is some benefit in
banning root logins via ssh.

Bob

On Wed, 9 Jan 2002, John Andersen
wrote:

> On Wednesday 09 January 2002 11:39 am, Matt Hubbard wrote:
> If you have a good password its no less safe to log in with ssh
> than it is to su after login. The password is sent encrytped.
>


==============================================================
Bob Vickers R.Vickers@xxxxxxxxxxxxx
Dept of Computer Science, Royal Holloway, University of London
WWW: http://www.cs.rhul.ac.uk/home/bobv
Phone: +44 1784 443691


< Previous Next >
Follow Ups
References