Re: Getting ready for CentOS 5.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Michael A. Peters wrote:

>> Errr, why is it easier to get an admin user's name and password than the 
>> root password?
> 
> Because typically you only allow root login via console or an existing 
> login.

I don't see how that relates to the question.

> You can brute force a user password (or sniff if the admin is lazy in 
> how they connect - IE not using proper pass phrase, MITM attacks - 
> possible with the SSH bug that Debian/Ubuntu had) etc. but normally the 
> root account is disabled from remote login so it can't be remotely brute 
> forced or sniffed.

Normally?  As in a default install?

> What you normally do is give sudo access to the commands (or wrappers to 
> the commands) that a particular sysadmin might need to use but you don't 
> give them full root access, thereby limiting the damage that can be done 
> should their password be compromised.

Who is 'them'?   And if you haven't shared the root password, what 
happens when you get hit by a bus?

-- 
   Les Mikesell
    lesmikesell@xxxxxxxxx

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux