On Fri, May 17, 2019 at 9:09 AM Mauricio Tavares <raubvogel@xxxxxxxxx> wrote: > > On Fri, May 17, 2019 at 8:24 AM Stephen Gallagher <sgallagh@xxxxxxxxxx> wrote: > > 3) Force Anaconda to require the creation of a non-root user that is a > > member of the `wheel` group, so that this user can be used to SSH in > > and administer the system. Essentially, remove the root user creation > > spoke as an option from the interactive install. > > That seems similar to the approach adopted by ubuntu and it has > worked. With that said, I do not see the difference between ssh'ing > using an user in the wheel group vs root as both can do the same. But > that is me. Being able to tell who sudo'ed, yes. There are two big advantages here: 1) As you pointed out, you have the sudo log to inform you of which user took the action. 2) It confounds automated attack scripts. Unless your admin user has a well-known or easily-guessable name, automated attacks will probably not know what user to try. 'root' is a big target at least in part because it always exists. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
