At 04:01 PM 8/4/01, you wrote:
> Yes, I agree with Dave. That is why I disabled the admin user's shell > access completely. I have another completely different ID that never gets > mail, never FTPs, never logs into the GUI, and is the only user on the > system that can become root and its password is entirely different than > root's. Now if someone manages to grab my admin user password..sure they > can still do tons of damage through the GUI, but they can't telnet/ssh period. > > Just one more obfuscation I know...but I like it..:) Well, if they did crack the admin pass and gain full access to the GUI, couldn't they just turn on telnet access from the GUI? That would thereby give them access to telnet?? Just a thought....learning... -Jamie- http://w-c.net WebConnection.Net, Inc.
Hi,That was my concern when I first thought of disabling admin shell, but seems there is no way to enable/disable the shell for the admin user from the GUI. I had to do it from the command line. The one problem is that the new "hiding" user you create is visible from the GUI. I would like to have that be hidden from there also. But, if a bad guy finds your hidden user...then he still has another password to crack...and then he has to realize this is the one su-able user...and hopefully by then, you've become aware that you're being attacked...:) Make strong passwords.
see ya, Diana
_______________________________________________ cobalt-users mailing list cobalt-users@xxxxxxxxxxxxxxx To Subscribe or Unsubscribe, please go to: http://list.cobalt.com/mailman/listinfo/cobalt-users
Crest Communications, Inc. diana@xxxxxxxxxxxxx Beautiful Sunny Florida http://crestcommunications.com/ 352-495-9359, 425-732-9785 fax