March 27th, 2002, 06:31 PM
why to use su??
I have this little question: I have read many times that when connecting to linux terminal over inet that I shouldnt login as root. That I should login as normal user and then use su command to receive root rights. Is this true? And if yes why? What's the point?
You know I really don't understand linux so if someone could explain
March 27th, 2002, 06:35 PM
Well, for a start, most servers don't allow remote root login, and log all attempts at it...
So if you login as another user, then use su to get root privileges, it works a whole lot better.
March 27th, 2002, 06:37 PM
is this the only reason?
and if the server allows it?
March 27th, 2002, 06:40 PM
If the server does allow it, it's still not advisable, cause it means transmitting the (unencrypted) root password over the network/internet (very insecure).
March 27th, 2002, 06:40 PM
1) Server shouldn't allow root to log in remotely.
2) Password sniffers always check for login password, but now always passwords once connected.
3) You shouldn't log on as root unless you HAVE to anyway
Use SSH, not telnet. That will help also. Make sure you are using the latest version though.
Why? Security issues. It is way to easy to sniff a password or hijack a session. I don't log in as root from anyplace other then the terminal unless I absoutely have to. Even then, not for long.
\"Ignorance is bliss....
but only for your enemy\"
March 27th, 2002, 06:43 PM
thnx guys I forgot sniffers... so thanx for explaining...
March 27th, 2002, 06:46 PM
I log in as root ONLY from the keyboard going directly into the back of the computer I'm logging into. I don't even login as root over LANs.
In fact, I don't su root either, if I need to do something as root, I'll log in locally rather than go over a network of any kind, even if I administrate it and even if it's supposed to be secure.
March 27th, 2002, 06:53 PM
su provides cryptographically secured authentication. which protects from tcp hijacking and spoofing. and sniffing.
March 27th, 2002, 07:08 PM
I agree with Rewandythal and souleman's advice. You should not allow remote root login and if you have to do a remote connection I would advice tu use SSH.
SSH has some issues but is far safer then Telnet .
I have also set my servers to deny root locally. The cause of that is that we are several admins. When the admins have to log in as normal users and then "su" to get root privilegies I can see exactly when and what someone has been doing with the servers.
It can be hard to see who has been to the machine if everybody uses root when logging in to the servers .
March 27th, 2002, 07:36 PM
I am the only person with root access to my Linux machines, and Administrative access to my 2K machines, (All other users get either Power User (2k) or just normal user accounts in linux).