Re: root via ssh / why su - ?
hi ya karsten
> I've seen mysterious (and bad) things happen on systems which had (very)
> commonly known root passwords and for which root ssh logins were
> allowed. That's simply idiotic, and we had the wiped disks to prove it.
yup.... inhouse security is more prevelent than from the outside coming
in ??? ( guessing )
> On my own boxen, root passwords were changed from defaults, and root ssh
> denied. I actually stood down my system administrator telling him he
> had no need for a root password on the box -- he could administer the
> box locally if need be, I didn't trust his security management
> (passwords were kept in an Excel spreadsheet -- he didn't last long).
humm...smart... why bother have a "secret passwd" if ya gonna write it
down... oh well...
> If he wanted to request my passwords, he could go higher up for the
> request (and I'd have complied). Higher up didn't trust his judgement
> either.
if he has root passwd etc... whould would he care abut your passwd ??
if he didn't have root pwd and is the system admin that supposed to
be responsible.... and he dont know how to become root... maybe its
time for them to get their MSCE certificate updates and a new NT job ??
user passwd should not be affected... it wont matter to a user
called "root" ( or uid == 0 )
"shared root passwd" is a very bad thing.... lots of finger pointing
the other way..... "ask mikey... mikey did it!! "...
c ya
alvin
Reply to: