[NCLUG] root/superuser pwd question

Ben West mrgenixus at gmail.com
Tue Sep 9 21:25:51 MDT 2008


Blame Apple -- they started it...

On Tue, Sep 9, 2008 at 8:03 PM, Brian Wood <bwood at beww.org> wrote:

> Ben West wrote:
> > I think you misconcieve this.  I prefer not to have a
> dictionary-attackable
> > root password -- scrambling root is better, and you'll never send the
> > passwor din plaintext over an unencrypted connection -- don't set a root
> > password....
>
> Generally I set up ssh to not accept root logins, you have to log in as
> a regular user and then su to root, so you're sending the root P/W over
> an encrypted link.
>
> Even better is to not allow password authentication with ssh at all. No
> passwords sent in any form.
>
> But if you are local at the console I don't see any problem, anyone in
> the room can screw you just by pulling the plug if they want to :-)
>
> My problem with Ubuntu is not the way they set things up, but the fact
> that they don't even mention other possibilities. If I want to set a
> root password I should be able to, and I don't understand why they do
> not want to leave that decision up to the user. If you had to depend on
> only their documentation you might believe it's not possible to get a
> root terminal.
>
> beww
> _______________________________________________
> NCLUG mailing list       NCLUG at nclug.org
>
> To unsubscribe, subscribe, or modify
> your settings, go to:
> http://www.nclug.org/mailman/listinfo/nclug
>



-- 
/ˈmɪstər/ /ˈdʒɛnəsɪs/@/dʒi/ /meɪl/ /dɒt/ /kɒm/
Benjamin West


More information about the NCLUG mailing list