Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] remote admin: ssh vs. webmin
  • From: John Andersen <jsa@xxxxxxxxxxxxxx>
  • Date: Wed, 9 Jan 2002 21:42:30 -0900
  • Message-id: <200201100642.g0A6gU721022@xxxxxxxxxxxxxx>
On Wednesday 09 January 2002 11:39 am, Matt Hubbard wrote:
> List,
> I know that I shouldn't log in remotely as root via ssh, but how can I
> start/stop networking daemons or manipulate config files in the /etc
> without this level of access?

If you have a good password its no less safe to log in with ssh
than it is to su after login. The password is sent encrytped.

Also if you use a private key file generated on the remote host
and downloaded to your workstation (ssh-keygen) the password
is never transmitted over the link, encrypted or not-encrypted.

Once you are using ssh it becomes the LEAST likely route
of compromise. I'd worry about other exposures first.

John Andersen / Juneau Alaska

< Previous Next >
Follow Ups