[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re[2]: [cobalt-users] URGENT: Cannot su - while being admin
- Subject: Re[2]: [cobalt-users] URGENT: Cannot su - while being admin
- From: Pierre Chopot <pierre@xxxxxxxxxxx>
- Date: Tue Jan 8 02:40:29 2002
- Organization: Zapilou
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hello List,
Monday, January 07, 2002, 11:17:45 PM, you wrote:
fin> On Mon, 7 Jan 2002, Octavio Heredia wrote:
fin> I don't think you can fix this without booting and logging in physically,
fin> unless you did something evil like letting root ssh ;P
fin> gsh
I know this stupid question will have some easy answers but I'm not
afraid of telling the world that I don't know so I will ask it anyway
(even if it's no help to original poster):
I know perfectly well the differences between telnet and ssh and I am
only using the later one but what I don't get is why people usually
tell you (and this is what I am doing) to telnet/ssh to a box using
someuser and then su to root instead of directly doing a telnet/ssh
using root. In my understanding (which is probably where I am wrong)
in the first case you expose to the world the login/pwd of both
someuser and root and in the second case just the one from root. I am
thinking this because when you su to root, you type the root password
in your telnet/ssh console and it get sent to the remote computer
through telnet/ssh, same as if you were directly doing it to login.
(and I think the question is valid of course for telnet but also for
ssh).
And to link this with gsh's answer, is there a way to forbid root to
telnet/ssh ? (besides writing it in the law/constitution...)
Thank you for helping a beginner become a pro :-)
--
Regards,
Pierre
pierre@xxxxxxxxxxx