Re: passwordless root login

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: passwordless root login
From: Derrick 'dman' Hudson <dman@dman13.dyndns.org>
Date: Tue, 14 Oct 2003 13:02:20 -0400
Message-id: <[🔎] 20031014170220.GA5371@dman13.dyndns.org>
Mail-followup-to: Debian User List <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20031014163437.GG27927@fieldses.org>
References: <[🔎] 20031012223032.GC7605@fieldses.org> <[🔎] 20031014150603.GG4461@ursine.ca> <20031014153750.GD27927@fieldses.org> <[🔎] 20031014154112.GC31350@ursine.ca> <[🔎] 20031014163437.GG27927@fieldses.org>

On Tue, Oct 14, 2003 at 12:34:37PM -0400, J. Bruce Fields wrote:
| On Tue, Oct 14, 2003 at 08:41:12AM -0700, Paul Johnson wrote:
| > Please don't reply to something on-topic in private.  Sending back to
| > the list...
| 
| I thought it was getting a little off-topic, but OK.
| 
| > On Tue, Oct 14, 2003 at 11:37:50AM -0400, J. Bruce Fields wrote:
| > > On Tue, Oct 14, 2003 at 08:06:03AM -0700, Paul Johnson wrote:
| > > > 
| > > > On Sun, Oct 12, 2003 at 06:30:32PM -0400, J. Bruce Fields wrote:
| > > > > I'd like to configure a debian box to allow root logins without a
| > > > > password; what do I need to do?
| > > > 
| > > > Get a clue!  This is *NOT* something you ever want to do!
| > > 
| > > So your VCR prompts you for a root password every time you switch it on,
| > > does it?
| > 
| > Not the same.
| 
| Why not?

The difference I can see is:
    .   your VCR doesn't have personal information on it (eg name,
            contact info, maybe even financial information)
    .   your VCR doesn't have your work on it (eg papers, projects,
            homework, reports, etc.)
    .   your VCR doesn't store and/or handle personal communication
            (email, typed business or personal letters)
    .   your VCR is not connected to any other systems making it
            _possible_ for someone to remotely control it or obtain
            information from it
    .   the worst a malicious user can do with your VCR is change the
            clock, watch a video, or erase a valuable video (assuming
            they have that valueable video cassette in hand)

| I'm told that there are actually VCR-like devices out there
| running linux; for all I know they could be debian-based.

TiVO?  Yeah, it's linux-based (or so I'm told).  You don't have root
access to it, though, AFAIK (unless you take the hard drive out and
alter it using a separate machine).

| My particular situation is this:

I can imagine there could be situations where strict control is not
such a concern.  Whether or not you have such a situation is for you
to determine.  I just wanted to point out the flaws/limitations in the
VCR comparison.

-D

-- 
> SELECT * FROM users WHERE clue > 0
0 rows returned
                    (http://www.thinkgeek.com/images/products/zoom/no-clue.jpg)
 
http://dman13.dyndns.org/~dman/

Attachment: pgp9CW6RtZNUD.pgp
Description: PGP signature

Reply to:

References:
- passwordless root login
  - From: "J. Bruce Fields" <bfields@fieldses.org>
- Re: passwordless root login
  - From: Paul Johnson <baloo@ursine.ca>
- Re: passwordless root login
  - From: Paul Johnson <baloo@ursine.ca>
- Re: passwordless root login
  - From: "J. Bruce Fields" <bfields@fieldses.org>

Prev by Date: no network access on new install
Next by Date: Re: Decent browsers for Linux? Anything to replace IE?
Previous by thread: Re: passwordless root login
Next by thread: Re: passwordless root login
Index(es):
- Date
- Thread