Re: how to make Debian less fragile (long and philosophical)
On Fri, Aug 20, 1999 at 09:20:58PM +0200, Marek Habersack wrote:
> So, indeed, the only reasonable way is to create another UID 0 account which
> would allow ssh login with a static shell. However, to minimize the burden
> of password maintenance of two privileged accounts, I think the account
> should have a * as a password and RSA/DSA should be used to log onto that
> account. It seems to me it's quite a secure method and one that requires the
> potential user of this way of logging onto that account to set it up and
> thus to understand the way things work. Comments?
In that case you wouldn't be able to 'su' to the static root shell; and
you wouldn't be able to log in on the console.
Justin
Reply to: