[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: ssh V1 / RootLogin disable [was: Building OpenSSH]

From: Aaron Konstam <akonstam Trinity Edu>
To: shrike-list redhat com
Subject: Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
Date: Thu, 19 Jun 2003 19:38:16 -0500

On Thu, Jun 19, 2003 at 12:45:17PM -0600, Rodolfo J. Paiz wrote:
> At 6/17/2003 08:18 +0100, you wrote:
> >I have access to a machine in Germany where I log in with ssh and then do 
> >an su to root.   The extra step adds no significant extra security -- 
> >although I'd be happy be wrong and for someone to explain why it does.
> 
> There are a few simple but effective reasons:
> 
>          1. The cracker must then guess a valid username in order to log 
> in. Not only a valid user, but one who is in the wheel group and has access 
> to becoming root (i.e. with permissions to use /bin/su).
I have never sen a mchine where you have to be in the wheel group to
use su. I assume you can set it up that way.
-- 
-------------------------------------------
Aaron Konstam
Computer Science
Trinity University
715 Stadium Dr.
San Antonio, TX 78212-7200

telephone: (210)-999-7484
email:akonstam trinity edu

Follow-Ups:
- Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: Craig White

References:
- Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: ___cliff rayman___
- ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: shrek-m gmx de
- Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: Gordon Pritchard
- Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: Andrew Smith
- Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: John Haxby
- Re: ssh V1 / RootLogin disable [was: Building OpenSSH]
  - From: Rodolfo J. Paiz

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]