Re: [suse-security] Secure root alias logins

Markus Gaugusch writes:

On Jan 15, keith.anthony.roberts@bigfoot.com

...

Surely it would be more difficult for any attacker to break into Linux if they did not know the username for the root account? [...] When a NEW installation of Linux is done, allow the root user to select their -*OWN*- unique username for the root account in YaST, instead of the default 'root' username. In fact you should disable remote login for root via password (and maybe even with ssh key), and only allow a normal user to get root using su. Your method is likely to break stupid/legacy programs and does not increase security.

I agree with you, that disabling remote root login via ssh is an important security measure. It's also a fact that renaming the root account breaks at least some important programs on every distribution I know (being SuSE, Mandrake and Debian). But even if a public service, for example ssh, is configured not to let "root" login remotely, a security hole may enable an attacker to do so nevertheless. Therefore renaming the "root" login however CAN delay a successfull hack, just depending on the kind of security hole. This can give the administrator the time needed to fix the security hole. Actually renaming the root login is a security measure recommend in many papers about security around. So I would like to support this request, although it's IMHO not very likely to be implemented. There's just too much software involved. Best regards, Matthias