Re: [cobalt-users] admin/root password concern

[Jonas Pasche <jonas@xxxxxxxx>]

hi,

> other than the RAQ admin. Would it be wiser to set up
> a site admin
> for each domain and FTP the files through the site
> admin rather than
> as a the RAQ admin? Is using FTP as the RAQ admin with
> the same
> password as the root a major security concern?

as you maybe know admin access to sites will go away if admin is a member 
of > 32 groups (i think, 28 sites and 4 system groups will do that), so it 
is _always_ a good idea to be site-admin if you want to transfer your site 
data.

in general, every time you log in your (admin-)password is sent as plain 
text. if you're able to monitor the connection (and that's not too easy, as 
discussed some postings ago), it wouldn't be too hard to get it. but  thats 
not a big argument for not using admin to ftp through your sites. just a 
little. :) it would be much better if you tunnel such accesses through an 
SSH connection (port forwarding).

> Does anybody have a definitive answer as to whether
> having a different root passwd from the admin
> will have an adverse effect on the GUI interface?

as michael pointed out, we sell all raq's with different root/admin 
passwords, and there is definitely no problem with that.

> And if so what would it be? And my final question
> would being able to use a unique user name on the RAQ
> admin offer
> a bit more security?

well, security through obscurity. i think cobalt always uses "$Adminuser" 
instead of "admin" in the scripts, but that doesn't really mean that it is 
easy to change that. there are hundreds of scripts, and i don't want to 
check them all. :)

cya, jonas


____________________________________________
Jonas Pasche
Technischer Support

webagentur Domke GmbH

Rheinstr. 3 - 64283 Darmstadt - Germany

Telefon +49 6151 17742-33
Telefax +49 6151 293173

http://www.domke.de

mailto:j.pasche@xxxxxxxx
____________________________________________