Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Modify Remote Login server to block scripted attacks' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Modify Remote Login server to block scripted attacks
Authored by: Ronaldinho on Feb 12, '05 03:47:11PM

Dumb question:

If I have root access disabled via Netinfo Manager, do I have to worry about somebody logging in as root via SSH.

Can I still use sudo in terminal?



[ Reply to This | # ]
disable root, sudoers
Authored by: gatorparrots on Feb 13, '05 02:43:52PM
The answers to your questions are "no" and "yes."

By default, root is disabled (as indicated by the "*" in the passwd field in the NetInfo database). One suggestion I might make is to go ahead and enable the root user in NetInfo Manager and assign a strong, nontrival password. Then, disable the root user again. This marginally increases the security of your system. But of course, there are many ways to reset the System Administrator's password...

The sudoers file indicates:

# User privilege specification
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
In other words, anything root can do, an admin user can do.

[ Reply to This | # ]
disable root, sudoers
Authored by: JohnnyMnemonic on Feb 13, '05 06:51:43PM

In other words, anything root can do, an admin user can do.

Including becoming root. If you can sudo, you can "sudo -s", which gives you persistent root access.

The only advantage is that, if you disable root, you can restrict who is able to sudo. That is, "root" is a guessable user name, but perhaps the single user that you've allowed to sudo is not. Otherwise it appears to be just as much of a security issue.

[ Reply to This | # ]