Problem with ssh connection
Pieter Dumon
pieter.dumon at gmail.com
Thu Oct 26 13:54:32 PDT 2006
If I would use your settings, all my colleagues could grab the key to
the computer room, log in on the console, su to root and just access
each other's stuff ? Doesn't look very attractive to me. What am I
not getting here ?
If your console is marked as being secure in /etc/ttys, yes. You don't
have to mark it as secure. I suppose in a large machine room that many
people have access to you wouldn't want to do that, or if you are
running your consoles into terminal servers. But you can still have a
blank password to allow wheel to 'su' to root in those situations
and simply require that the person on the console (if not marked secure)
login as themselves and then su. At least then you have a record of
whos account was used to access root.
For most situations there is no point having a password associated
with root... it won't be any more secure then not having a password
at all.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
More information about the Users
mailing list