Date: Wed, 11 Mar 1998 21:23:25 -0800 (PST) From: Doug White <dwhite@gdi.uoregon.edu> To: Leif Neland <leifn@image.dk> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: How do you assign the ROOT user to be able to access via TELNET? Message-ID: <Pine.BSF.3.96.980311212210.16485Y-100000@gdi.uoregon.edu> In-Reply-To: <634_9803120015@swimsuit.swimsuit.roskildebc.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11 Mar 1998, Leif Neland wrote: > At 11 Mar 98 10:28:26 Greg Lehey wrote regarding Re: How do you assign the ROOT > user to be able to access via TELNET? > > GL> You log in as yourself, and then use su to become root. All > GL> else is such an enormous security hole that you don't even want > GL> to think about it. > > Why, really? > > What's the difference between getting the rootpassword sniffed at > login, and when su'ing? Other than the sniffer probably need to snif both your > normal password, and the rootpassword, if he doesn't have one himself and are > in group wheel. Well, you have safeguards in place to keep people from sniffing, right? Disabled telnet, use ssh exclusively? In this case it creates two walls to get through -- the user's and then root's passwords. Hacking one password is hard enough, two can be downright impossible with limited time. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980311212210.16485Y-100000>