gabriel rosenkoetter on Mon, 1 Jul 2002 05:20:10 +0200
On Sun, Jun 30, 2002 at 09:38:26PM -0400, John Lavin wrote:
> christophe barbé said:
> > My understanding was that it was bad because the root password goes
> > through the network in clear and then it was better to log as a normal
> > user and then su to root.
> Your password still goes in the clear.

A su is harder to detect than a login prompt, though. All you have to do is grab the first 4k or so after a TCP/IP handshake on the server's port 22, and you've got the password if someone actually logs in as root.

> The only issue with adding authorized keys for root is that if someone
> gains root on your local machine, they have it on the remote one as
> well. Even if it is inconvenient, it is safer to su after a ssh login
> as yourself IMHO.

No, it really is less safe, as it really does pass a shared secret over the wire, which is a terrible idea under any circumstances. We have better ways of handling this situation now, so use them.

I don't know about you, but my workstation is *clearly* more secure than any of the servers I administrate.

--
gabriel rosenkoetter
gr@eclipsed.net
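The thread argues over whether a root password should ever be typed over an ssh session. The following is an added audit helper, not code from anyone in the thread: it reads an sshd_config and reports whether the server would accept a root password at all, using the real OpenSSH keywords PermitRootLogin and PasswordAuthentication (first occurrence wins, case-insensitive keywords; Match blocks are not evaluated, and the defaults assumed are those of current OpenSSH). The two sample configs are constructed for the demonstration.

```shell
#!/bin/sh
# Print the effective value of an sshd_config keyword: OpenSSH takes the
# first occurrence, keyword match is case-insensitive, '#' lines and
# blank lines are ignored. Prints nothing if the keyword is absent.
# Limitation: directives inside Match blocks are not evaluated here.
sshd_effective() {
    awk -v key="$2" '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# Prints "possible" if root could authenticate with a password over the
# connection, "blocked" otherwise. Assumed defaults (current OpenSSH):
# PermitRootLogin prohibit-password, PasswordAuthentication yes.
root_password_login_state() {
    prl=$(sshd_effective "$1" PermitRootLogin)
    pa=$(sshd_effective "$1" PasswordAuthentication)
    [ -z "$prl" ] && prl=prohibit-password
    [ -z "$pa" ] && pa=yes
    case "$prl" in
        # Key-only or no root login at all: no password can be sent.
        no|prohibit-password|without-password|forced-commands-only)
            echo blocked; return ;;
    esac
    # PermitRootLogin yes: only safe if password auth is globally off.
    if [ "$pa" = no ]; then echo blocked; else echo possible; fi
}

# Constructed sample configs (not real server files), written to temp files.
WEAK_CFG=$(mktemp)
cat > "$WEAK_CFG" <<'EOF'
# weak: root may type a password over the connection
permitrootlogin yes
PasswordAuthentication yes
EOF

HARD_CFG=$(mktemp)
cat > "$HARD_CFG" <<'EOF'
# hardened: root only with keys, nobody with a password
PermitRootLogin prohibit-password
PasswordAuthentication no
PubkeyAuthentication yes
EOF

echo "weak config:     $(root_password_login_state "$WEAK_CFG")"
echo "hardened config: $(root_password_login_state "$HARD_CFG")"
```

Run it against a server's real sshd_config by replacing the temp files; a "possible" verdict means a root password, not a key, can be presented on that port.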