
Re: Why Disable Root ssh login?



Olive wrote:
> This answer isn't entirely convincing. For example if you can sudo with
> the normal password account, I do see any difference in security in
> allowing root ssh or not.

    Operative word, "if".  That's a big series of ifs.

    If sudo is installed.

    If it is configured to allow someone full root access with just their
password.

    If the hacker finds that account.

    If the hacker can crack that account.

    All of that is uncertain.  However, when it comes to root, it's pretty
much a given the username is "root" and the password will, not if, get you
root access.

    As an example look at my system(s).  I have a handful of accounts.  Some
for friends and family, some for processes I don't want trampling all over my
hard drive, and in the middle of that is mine.  Mine is the only one that has
any sudo access at all.  Even so the sudo access I give myself is extremely
limited and nowhere near full access.  So compare bare root versus your if on
my real world example.

    Bare root:  username known, password unknown.

    My account: username known (presuming they read this), password unknown,
sudo installed, minimal programs given root access, root's username known,
password unknown.

    Which looks more secure to you?
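
The following is an added example, not part of the original message: a small audit that checks two of the conditions discussed above, namely whether sshd accepts direct root logins and whether any non-root sudoers entry grants every command. The sample files, the user `alice`, the group `%admin` and the command paths are constructed for illustration, and the parsing is a simplification (sshd `Match` blocks and sudoers aliases and includes are not evaluated).

```python
import re

# Constructed sample inputs (not from the original post); names and paths are hypothetical.
SSHD_CONFIG = """\
Port 22
PermitRootLogin no
PasswordAuthentication yes
"""
SUDOERS = """\
Defaults env_reset
root    ALL=(ALL:ALL) ALL
alice   ALL=(root) /usr/sbin/service apache2 restart, /usr/bin/apt-get update
%admin  ALL=(ALL) NOPASSWD: ALL
"""

def root_login_setting(sshd_text):
    """Global PermitRootLogin value; sshd uses the first occurrence of a keyword."""
    for raw in sshd_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":
            break  # simplification: Match blocks are not evaluated
        if parts[0].lower() == "permitrootlogin" and len(parts) == 2:
            return parts[1].strip().strip('"').lower()
    return "prohibit-password"  # upstream OpenSSH default since 7.0

def full_root_sudoers(sudoers_text):
    """Users/groups (other than root) whose sudoers entry allows ALL commands."""
    found = []
    for raw in sudoers_text.splitlines():
        m = re.match(r"^(\S+)\s+[^\s=]+\s*=\s*(.+)$", raw.split("#", 1)[0].strip())
        if not m or m.group(1) == "root" or m.group(1).startswith("Defaults") \
                or m.group(1).endswith("_Alias"):
            continue
        spec = re.sub(r"\([^)]*\)", "", m.group(2))   # drop the (runas) part
        spec = re.sub(r"\b[A-Z_]+:", "", spec)        # drop tags such as NOPASSWD:
        if "ALL" in [cmd.strip() for cmd in spec.split(",")]:
            found.append(m.group(1))
    return found

if __name__ == "__main__":
    print("PermitRootLogin:", root_login_setting(SSHD_CONFIG))
    print("full-root sudo entries:", full_root_sudoers(SUDOERS))
```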


