Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'To all who believe in the sudo myth' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
To all who believe in the sudo myth
Authored by: babbage on Sep 30, '09 12:46:29PM

You let people log in as root via ssh ?

You are a very brave person.

And I'm glad I don't work with you. :-)



[ Reply to This | # ]
To all who believe in the sudo myth
Authored by: corienti on Sep 30, '09 02:46:07PM

I let a select set of people - that is, the unix team - ssh in as root.

Noone else can, naturally.

In internet-facing interfaces, I also use source IP filtering, and root can only login using ssh key, not via password.
And I also have the firewall configured to block IPs retrying connections too rapidly.

SSHing as root is quite as safe as anything else as long as you restrict it to the right people and put the appropriate security measures around it.

[ Reply to This | # ]