Security Basics mailing list archives

RE: Is SSH worth it??

From: "Graham, Randy (RAW) " <grahamrw () y12 doe gov>
Date: Mon, 14 Oct 2002 15:21:28 -0400

You ssh as a normal user and then use 'su -' to switch over to root.
Without that, you have no way of knowing who connected to a server as root.
By forcing connections as normal users and using su, you can have some
auditing (to prevent the "I didn't do it" syndrome).

Randy Graham
-- 
When in danger\or in doubt\run in circles\scream and shout!

-----Original Message-----
From: Chris Berry [mailto:compjma () hotmail com]
Sent: Thursday, October 10, 2002 12:53 PM
To: security-basics () securityfocus com
Subject: Re: Is SSH worth it??

From: Johan De Meersman <johan () ops skynet be>
I don't think it's ever a good idea to allow root ssh to any machine


Why not?  Also, how are you going to remote administer it 
without some sort 
of control SSH, VNC, etc?

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"I have found the way, and the way is Perl."


_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com

Current thread:

Re: Is SSH worth it?? David Corking (Oct 15)
- <Possible follow-ups>
- RE: Is SSH worth it?? Graham, Randy (RAW) (Oct 15)
- Re: Is SSH worth it?? Johan De Meersman (Oct 15)
  - Re: Is SSH worth it?? David Corking (Oct 17)
    - Re: Is SSH worth it?? Johan De Meersman (Oct 18)
    - Re: Is SSH worth it?? David Corking (Oct 21)
    - Re: Is SSH worth it?? Richard Caley (Oct 21)
- Re: Is SSH worth it?? David Corking (Oct 16)
- RE: Is SSH worth it?? Chris Santerre (Oct 16)
  - Re: Is SSH worth it?? Devdas Bhagat (Oct 17)
  - Re: Is SSH worth it?? David Corking (Oct 17)
  - Re: Is SSH worth it?? Johan De Meersman (Oct 17)

(Thread continues...)