Re: ssh, su and root access

To: debian-user@lists.debian.org
Subject: Re: ssh, su and root access
From: Andrea Vettorello <andrea.vettorello@gmail.com>
Date: Mon, 1 Nov 2004 13:53:21 +0100
Message-id: <[🔎] 7d54402404110104534256e4e0@mail.gmail.com>
Reply-to: Andrea Vettorello <andrea.vettorello@gmail.com>
In-reply-to: <[🔎] 200411011211.51896.llana@sip.ucm.es>
References: <[🔎] 200411011211.51896.llana@sip.ucm.es>

On Mon, 1 Nov 2004 12:11:48 +0100, Luis Fernando Llana Díaz
<llana@sip.ucm.es> wrote:
> Hi all,
>   I have a doubt. I ussually use ssh to access remote machines without sending any password
> (PasswordAuthentication no) and I store private keys with the help of ssh-agent.
>   This is valid also to login as another users (including root) in the local machine
> (ssh root@localhost). With the help of ssh agent, on can open several root sessions by only
> asking one password: the one of my private key "id_rsa". In this way I void tping a root password any time
> I want to be root.
> It is very easy for me to work this way, but I would to know if there could be aware of any possible
> security problems to do so. The only problem is that if I make ssh root@localhost, its gain root privileges
> whitout asking any password.
> 

I think you'll find a lot of discussions (flamewars?) about the
subject. Try looking with google about security benefits of keys
versus plain text passwords.


Andrea

Reply to:

References:
- ssh, su and root access
  - From: Luis Fernando Llana Díaz <llana@sip.ucm.es>

Prev by Date: Re: apache reload v. apache restart
Next by Date: Re: apache reload v. apache restart
Previous by thread: Re: ssh, su and root access
Next by thread: apache reload v. apache restart
Index(es):
- Date
- Thread