[Novalug] RHEL question RE service start configuration
John Holland
jbholland at gmail.com
Mon Mar 5 19:39:22 EST 2012
Dan,
I know you are speaking the standard wisdom but I have a question. If
you set up sudo to give you root,
then your user-level password is effectively a root password. How is it
any safer to send that over the network ?
I think you may reply that your sudo would only be able to run a few
specific commands. If you can be that disciplined, I guess then it makes
some sense. But wouldn't that require carefully selecting those commands
while in front of the box? That might be a hard thing for someone not
sure what they want to run.
The reason I say this is my initial response to Jay was that he could
ssh to localhost as root in order to get a root GUI window for the one
(GUI) command he needed to run as root. I think this only works though
if you are allowing root ssh logins.
John
On 03/04/2012 12:59 PM, Dan Lavu wrote:
> Jay,
>
> They are two major reasons why you should not directly log in as root. Through SSH, you do not want send *the* password across the network if you do not have to. ....................sudo..............
More information about the Novalug
mailing list