11-14-2012
Quote:
Originally Posted by
Corona688
Not without my password-protected key, they can't. Even if they steal it, it won't work for them without the password. ssh-agent is how I use that to automate.
This was not what i meant: you have some user-account, which is allowed to log on AND it is allowed to "sudo su -". You protect this account with a password, a key and whatever else. This protection amounts to
some level of security (whatever "some" is, this is not my point). If you would log in as root directly and have the same amount of security - the same key strength, the same password strength and whatever else you use to protect your user account. My point is that it follows, that these measures would amount to the
same amount of security as with the user. It is equally hard to crack a key or a password, regardless of this key (password) protecting the root-account or any other user-account.
bakunin
9 More Discussions You Might Find Interesting
1. Answers to Frequently Asked Questions
We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies
2. Linux Benchmarks
I created two computers with identical hardware, and run the benchmark programs in both starting at the same exact time.
What makes no sense is that the computer that has the lower average index (121) finished the race a good 30 minutes ahead of the computer wich showed the higher avg index... (0 Replies)
Discussion started by: philip_38
0 Replies
3. AIX
Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in.
I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies
4. High Performance Computing
08-18-2008 11:00 AM
Cluster computing has played a pivotal role in the way research is conducted in educational environments. Because the amount of available money and hardware varies between university researchers, often it's necessary to find a clustering solution that can work well on a small... (0 Replies)
Discussion started by: Linux Bot
0 Replies
5. UNIX for Dummies Questions & Answers
I've been referring bash info for processes and came across a structure for a process which is defined like
typedef struct process
{
struct process *next;
char ** argv
.
.
.
}process;
What I don't understand is that in the program there's a for loop which goes like this
job... (2 Replies)
Discussion started by: sdsd
2 Replies
6. UNIX for Dummies Questions & Answers
I'm running the following rsync command to sync a directory between the 2 servers:
rsync -az --delete --stats /some_dir/ server_name:/some_dir
I'm getting the following output:
Number of files: 655174
Number of files transferred: 14221
Total file size: 1138531979331 bytes
Total... (0 Replies)
Discussion started by: GKnight
0 Replies
7. UNIX for Advanced & Expert Users
Can someone explain the correlation between how sar names the disk drives and how the rest of the OS names the disk drives?
sar lists my disk drives as sd0, sd1, sd2, etc.....
while format lists my disk drives as c1t0d0, c1t1d0, c1t2d0,etc...
And also why sar shows 8 disks but format... (2 Replies)
Discussion started by: s ladd
2 Replies
8. Red Hat
I installed the OpenSSH on my Windows Machine. I want to connect to the remote Linux machine without typing password. I followed the bellow instructions but the SSH needs password to establish the connection yet.
Open CMD and run: ssh-keygen -t rsa (The public and private keys are generated in... (1 Reply)
Discussion started by: manoj.solaris
1 Replies
9. Red Hat
We have several dozen Redhat 5, 6 and 7 servers that are running Oracle databases. On some databases we are using automatic memory management, which uses shared memory. On other databases we are use manual memory management, which does not use shared memory.
When I see that a server is swapping... (2 Replies)
Discussion started by: gandolf989
2 Replies
LEARN ABOUT POSIX
securetty
SECURETTY(5) Linux Programmer's Manual SECURETTY(5)
NAME
securetty - file which lists terminals from which root can log in
DESCRIPTION
The file /etc/securetty contains the names of terminals (one per line, without leading /dev/) which are considered secure for the transmis-
sion of certain authentication tokens.
It is used by (some versions of) login(1) to restrict the terminals on which root is allowed to login. See login.defs(5) if you use the
shadow suite.
On PAM enabled systems, it is used for the same purpose by pam_securetty(8) to restrict the terminals on which empty passwords are
accepted.
FILES
/etc/securetty
SEE ALSO
login(1), login.defs(5), pam_securetty(8)
COLOPHON
This page is part of release 4.15 of the Linux man-pages project. A description of the project, information about reporting bugs, and the
latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.
Linux 2015-03-29 SECURETTY(5)