[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Raq3 admin & root passwords

Subject: Re: [cobalt-users] Raq3 admin & root passwords
From: "Michael Zimmermann" <zim@xxxxxxxx>
Date: Tue Apr 25 17:40:22 2000

----- Original Message ----- 
From: "Mike Fritsch" <moley187@xxxxxxxxxxxxx>
> I know how to change the admins PW but how do you root's password?

Being logged in, you use the 'passwd' command.

This gives me the idea, that you are changing the admin-password
thru the gui-interface. If you you are not using SSL on your basic
machine, than this won't help against somebody snooping the net.
And if one of the other machines on your ISP's subnet is hacked,
snooping the subnet is a silent, easy thing I think.

So for the RaQ we have a second important safety rule
(in addition to the "don't telnet"-rule):

    run your basic machine as a secure server

The certificate can be generated by yourself by the way,
you will only have to inform the users that they should
accept this certificate when they acccess siteadmin- or 
personal-pages.

Perhaps Cobalt should put these security-rules into the
default delivery-configuration somehow? 


Michael

Follow-Ups:
- Re: [cobalt-users] Raq3 admin & root passwords
  - From: Jens Kristian Søgaard

References:
- Re: [cobalt-users] Raq3 admin & root passwords
  - From: Jens Kristian Søgaard
- Re: [cobalt-users] Raq3 admin & root passwords
  - From: Michael Zimmermann
- Re: [cobalt-users] Raq3 admin & root passwords
  - From: Mike Fritsch

Prev by Date: RE: [cobalt-users] Re: [Cobalt] SMTP vs. AOL
Next by Date: Re: [cobalt-users] dns same prob
Previous by thread: Re: [cobalt-users] Raq3 admin & root passwords
Next by thread: Re: [cobalt-users] Raq3 admin & root passwords

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index