Re: [PLUG] log as root or not ?

gabriel rosenkoetter on Mon, 1 Jul 2002 11:34:20 -0400

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] log as root or not ?

From: gabriel rosenkoetter <gr@eclipsed.net>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] log as root or not ?

Date: Mon, 1 Jul 2002 11:33:52 -0400

Mail-followup-to: plug@lists.phillylinux.org

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

User-agent: Mutt/1.4i

On Mon, Jul 01, 2002 at 10:25:19AM -0400, Jesse P Schultz wrote: > I have been reading from the beginning and i am aware that the issue has > to do with whether the root password is going in the clear. There has been a repeated misuse of the term "in the clear". Several people have used it to refer to sending a password, either for authentication or in response to su(1)'s password prompt, over an encrypted channel. This is, obviously, incorrect usage. Sending the root password in the clear was never intended to be suggested by either Christophe or myself. > It does not matter whether you initially log in as root or su, if it's > encrypted (SSH) it's encrypted, if it's not (Telnet) it's not, and > using su only makes it difficult for a hacker who is not trying very > hard. MITM is , of course a possibility on an encrypted connection and > digital certificates will help with that. > > My argument however, is that the issue is moot simply because you are > trying to find a safest way to engage in a bad practice. Logging > in as root is a bad practice no matter how secure the connection is. No, it's not. Actions that must be taken as root must be taken as root, and remote system maintenance happens in the real world. The reason that logging in to the root account using PKI is more secure than logging into your regular account (however) and then using su(1) (or sudo, for that matter, which should be considered a usage convenience and NEVER a security measure) is that the no shared secret is ever sent across the wire. This makes a mitm attack totally impossible, provided there's not feasible attack on the PKI protocol in use. In the real world, there certainly exist plausible attacks against either DSA or RSA SSH-2 authentication, but these attacks take a significantly longer time to brute force than user passwords. > Is there an actual need to use what is normally considered bad practice? What portion of this is normally considered bad practice? Remote administration? It has liabilities, but it's a cost-benefit tradeoff. The computer's only actually secure if it's unplugged and locked in a safe. But it's not doing you much good there. -- gabriel rosenkoetter gr@eclipsed.net
Attachment: pgpeqLxbQnFtF.pgp
Description: PGP signature

Follow-Ups:

Re: [PLUG] log as root or not ?
From: Fred K Ollinger <follinge@sas.upenn.edu>

Re: [PLUG] log as root or not ?
From: Jesse P Schultz <schultj@netaxs.com>

References:

Re: [PLUG] log as root or not ?
From: Jesse P Schultz <schultj@netaxs.com>

Re: [PLUG] log as root or not ?
From: christophe barbé <christophe.barbe.ml@online.fr>

Re: [PLUG] log as root or not ?
From: Jesse P Schultz <schultj@netaxs.com>

Prev by Date: Re: [PLUG] log as root or not ?

Next by Date: Re: [PLUG] log as root or not ?

Previous by thread: Re: [PLUG] log as root or not ?

Next by thread: Re: [PLUG] log as root or not ?

Index(es):

Date

Thread