[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh authentication

On Tue, Nov 28, 2000 at 07:20:37PM +0100, robert_wilhelm_land wrote:
> > As root in root's home directory, make .Xauthority a symbolic link to
> > your normal user's .Xauthority file (or set the XAUTHORITY environment
> > variable to the location of that file). Then you can just run X programs
> > while inside 'su'.
> This works nicely - thank you very much!

No!  Don't do this!  By doing so you are lowering the security level of
your machine down to your user account.  It's bad enough that security
depends on a root account; it should *never* depend on a user account.

> Nevertheless I tried to use ssh on the local mashine called MINI while
> logged in as user "rland" and using one of the xterm's:
> ssh -l root MINI
>  - the system then prompts me for the password and I keyed the root
> password. Reaction - "permission denied"
> There must be something I had missed.

Yes.  By default Debian ships with root logins disabled.  This is a
security measure, and a good thing.  You could go mucking about with the
PAM configs and change this, but it's better to log in as a user and use
su/sudo.  Another person responded to your mail and suggested using
xauth to allow root to access your X server.  This is the right way to
do it.


| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html 

Attachment: pgp1x0DNVB5cT.pgp
Description: PGP signature

Reply to: