Separate telnet/email & ssh users???
I tore down my redhat box and installed debian about 3 days ago. I decided
to use separate users and passwd for each telnet and email.
User#1: standard unsecure telnet cuteftp and Eudora.
User#1 has no shell access and is restricted to public "html" files
User#2: CRTssh program
User#2: ssh shell access, but not "su".
The idea is that until eudora and cuteftp come out with their new "shh"
secure versions in a few months, the user names and passwords of user#1 are
not a security risk. Why I could even post them on my root page and taunt
hackers to try and break in with them! I could even offer a 1000 prize for
anyone who can crack and hack their way in! (I saw that done at another
site... real neet!)
What do you think?