Conversation

Notices

1. silverwizard (silverwizard@friendica.obscuritus.ca)'s status on Friday, 10-Nov-2017 13:15:07 EST silverwizard
   This is the policy I want
   
   
   ♲ @Michael W Lucas (mwlauthor@twitter.com): When do you allow users to SSH in as root? #sysadmin
   
   My answer is "never." I'm interested in your reasons. #ssh2e
   1. Hypolite Petovan (hypolite@friendica.mrpetovan.com)'s status on Friday, 10-Nov-2017 13:29:23 EST Hypolite Petovan

      in reply to
      I'm logging in as root on my server, but I would never let one of my users do it themselves.
   2. Bob Jonkman (bobjonkman@gs.jonkman.ca)'s status on Friday, 10-Nov-2017 13:39:12 EST Bob Jonkman

      in reply to
      But do you give some users 'sudo' privileges? If so, what's to stop them from running 'sudo -i' for all their sessions? #IDoThat
      1. silverwizard (silverwizard@friendica.obscuritus.ca)'s status on Friday, 10-Nov-2017 13:47:46 EST silverwizard

         in reply to
         @bobjonkman Honestly, I allow root logins on nothing, and minimize password logins. I sudo su - when needed - but I try to do things
         
         The big problem is when I change my password with "sudo passwd" because I am used to running everything with sudo
         1. silverwizard (silverwizard@friendica.obscuritus.ca)'s status on Friday, 10-Nov-2017 14:50:22 EST silverwizard

            in reply to
            @bobjonkman @Hypolite Petovan @mwlauthor also! Remember to do sudo for most users properly, not "all permissions everywhere"