Printable View
Hi all,
I have this little question: I have read many times that when connecting to linux terminal over inet that I shouldnt login as root. That I should login as normal user and then use su command to receive root rights. Is this true? And if yes why? What's the point?
You know I really don't understand linux so if someone could explain:)
Thanx Sun7dots
Well, for a start, most servers don't allow remote root login, and log all attempts at it...
So if you login as another user, then use su to get root privileges, it works a whole lot better.
is this the only reason?
and if the server allows it?
If the server does allow it, it's still not advisable, cause it means transmitting the (unencrypted) root password over the network/internet (very insecure).
1) Server shouldn't allow root to log in remotely.
2) Password sniffers always check for login password, but now always passwords once connected.
3) You shouldn't log on as root unless you HAVE to anyway
Use SSH, not telnet. That will help also. Make sure you are using the latest version though.
Why? Security issues. It is way to easy to sniff a password or hijack a session. I don't log in as root from anyplace other then the terminal unless I absoutely have to. Even then, not for long.
thnx guys:) I forgot sniffers... so thanx for explaining...
I log in as root ONLY from the keyboard going directly into the back of the computer I'm logging into. I don't even login as root over LANs.
In fact, I don't su root either, if I need to do something as root, I'll log in locally rather than go over a network of any kind, even if I administrate it and even if it's supposed to be secure.
su provides cryptographically secured authentication. which protects from tcp hijacking and spoofing. and sniffing.
I agree with Rewandythal and souleman's advice. You should not allow remote root login and if you have to do a remote connection I would advice tu use SSH.
SSH has some issues but is far safer then Telnet :).
I have also set my servers to deny root locally. The cause of that is that we are several admins. When the admins have to log in as normal users and then "su" to get root privilegies I can see exactly when and what someone has been doing with the servers.
It can be hard to see who has been to the machine if everybody uses root when logging in to the servers :).
I am the only person with root access to my Linux machines, and Administrative access to my 2K machines, (All other users get either Power User (2k) or just normal user accounts in linux).